diff options
| -rw-r--r-- | docs/sources/bmp.md | 20 | ||||
| -rw-r--r-- | docs/sources/cli-operations.md | 67 | ||||
| -rw-r--r-- | docs/sources/evpn.md | 48 | ||||
| -rw-r--r-- | docs/sources/flowspec.md | 25 | ||||
| -rw-r--r-- | docs/sources/getting-started.md | 60 | ||||
| -rw-r--r-- | docs/sources/mrt.md | 40 | ||||
| -rw-r--r-- | docs/sources/policy.md | 216 | ||||
| -rw-r--r-- | docs/sources/route-reflector.md | 56 | ||||
| -rw-r--r-- | docs/sources/route-server.md | 61 | ||||
| -rw-r--r-- | docs/sources/rpki.md | 137 | ||||
| -rw-r--r-- | docs/sources/zebra.md | 10 |
11 files changed, 338 insertions, 402 deletions
diff --git a/docs/sources/bmp.md b/docs/sources/bmp.md index 495a71d8..b8333cd4 100644 --- a/docs/sources/bmp.md +++ b/docs/sources/bmp.md @@ -12,19 +12,17 @@ Assume you finished [Getting Started](https://github.com/osrg/gobgp/blob/master/ ## <a name="config"> Configuration -Add `[BmpServers]` section to enable BMP like below. +Add `[bmp-servers]` section to enable BMP like below. ```toml -[Global] - [Global.Config] - As = 64512 - RouterId = "192.168.255.1" - -[BmpServers] - [[BmpServers.BmpServerList]] - [BmpServers.BmpServerList.Config] - Address = "127.0.0.1" - Port=11019 +[global.config] + as = 64512 + router-id = "192.168.255.1" + +[[bmp-servers]] + [bmp-servers.config] + address = "127.0.0.1" + port=11019 ``` ## <a name="verify"> Verification diff --git a/docs/sources/cli-operations.md b/docs/sources/cli-operations.md index dd1cc560..48f373b3 100644 --- a/docs/sources/cli-operations.md +++ b/docs/sources/cli-operations.md @@ -12,7 +12,7 @@ This example starts with the same configuration with [Getting Started](https://g Make sure that all the peers are connected. -``` +```bash $ gobgp neighbor Peer AS Up/Down State |#Advertised Received Accepted 10.0.255.1 65001 00:00:04 Establ | 2 2 2 @@ -29,41 +29,36 @@ file and sending `HUP` signal to GoBGP daemon. In this example, 10.0.255.3 peer is added. The configuration file should be like the following. -``` -[Global] - [Global.Config] - As = 64512 - RouterId = "192.168.255.1" - -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.1" - PeerAs = 65001 - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.2" - PeerAs = 65002 - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.3" - PeerAs = 65003 - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true +```toml +[global.config] + as = 64512 + router-id = "192.168.255.1" + +[[neighbors]] +[neighbors.config] + neighbor-address = "10.0.255.1" + peer-as = 65001 +[neighbors.route-server.config] + route-server-client = true + +[[neighbors]] +[neighbors.config] + neighbor-address = "10.0.255.2" + peer-as = 65002 +[neighbors.route-server.config] + route-server-client = true + +[[neighbors]] +[neighbors.config] + neighbor-address = "10.0.255.3" + peer-as = 65003 +[neighbors.route-server.config] + route-server-client = true ``` After you send `HUP` signal (`kill` command), you should see 10.0.255.3 peer. -``` +```bash $ gobgp neighbor Peer AS Up/Down State |#Advertised Received Accepted 10.0.255.1 65001 00:03:42 Establ | 3 2 2 @@ -77,7 +72,7 @@ Sometime you might want to disable the configured peer without removing the configuration for the peer. Likely, again you enable the peer later. -``` +```bash $ gobgp neighbor 10.0.255.1 disable $ gobgp neighbor Peer AS Up/Down State |#Advertised Received Accepted @@ -88,7 +83,7 @@ Peer AS Up/Down State |#Advertised Received Accepted The state of 10.0.255.1 is `Idle(Admin)`. Let's enable the peer again. -``` +```bash $ gobgp neighbor 10.0.255.1 enable $ gobgp neighbor Peer AS Up/Down State |#Advertised Received Accepted @@ -99,7 +94,7 @@ Peer AS Up/Down State |#Advertised Received Accepted Eventually, the state should be `Established` again. -``` +```bash $ gobgp neighbor Peer AS Up/Down State |#Advertised Received Accepted 10.0.255.1 65001 00:00:02 Establ | 3 2 2 @@ -111,7 +106,7 @@ Peer AS Up/Down State |#Advertised Received Accepted Various reset operations are supported. -``` +```bash $ gobgp neighbor 10.0.255.1 reset $ gobgp neighbor 10.0.255.1 softreset $ gobgp neighbor 10.0.255.1 softresetin diff --git a/docs/sources/evpn.md b/docs/sources/evpn.md index 71fef620..b35ba61e 100644 --- a/docs/sources/evpn.md +++ b/docs/sources/evpn.md @@ -18,28 +18,24 @@ peers. Two BaGPipe peers are not connected. It's incorrect from the perspective of BGP but this example just shows two OSS BGP implementations can interchange EVPN messages. -``` -[Global] - [Global.Config] - As = 64512 - RouterId = "192.168.255.1" - -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.1" - PeerAs = 64512 - [Neighbors.NeighborList.AfiSafis] - [[Neighbors.NeighborList.AfiSafis.AfiSafiList]] - AfiSafiName = "l2vpn-evpn" - - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.2" - PeerAs = 64512 - [Neighbors.NeighborList.AfiSafis] - [[Neighbors.NeighborList.AfiSafis.AfiSafiList]] - AfiSafiName = "l2vpn-evpn" +```toml +[global.config] + as = 64512 + router-id = "192.168.255.1" + +[[neighbors]] +[neighbors.config] + neighbor-address = "10.0.255.1" + peer-as = 64512 +[[neighbors.afi-safis]] + afi-safi-name = "l2vpn-evpn" + +[[neighbors]] +[neighbors.config] + neighbor-address = "10.0.255.2" + peer-as = 64512 +[[neighbors.afi-safis]] + afi-safi-name = "l2vpn-evpn" ``` The point is that route families to be advertised need to be @@ -47,7 +43,7 @@ specified. We expect that many people are not familiar with [BaGPipe BGP](https://github.com/Orange-OpenSource/bagpipe-bgp), the following is our configuration files. -``` +```bash bagpipe-peer1:/etc/bagpipe-bgp# cat bgp.conf [BGP] local_address=10.0.255.1 @@ -71,7 +67,7 @@ dataplane_driver = DummyDataplaneDriver As you expect, the RIBs at 10.0.255.2 peer has nothing. -``` +```bash bagpipe-peer2:~# bagpipe-looking-glass bgp routes match:IPv4/mpls-vpn,*: - match:IPv4/rtc,*: - @@ -80,12 +76,12 @@ match:L2VPN/evpn,*: - Let's advertise something from 10.0.255.1 peer. -``` +```bash bagpipe-peer1:~# bagpipe-rest-attach --attach --port tap42 --mac 00:11:22:33:44:55 --ip 11.11.11.1 --gateway-ip 11.11.11.254 --network-type evpn --rt 65000:77 ``` Now the RIBs at 10.0.255.2 peer has the above route. The route was interchanged via GoBGP peer. -``` +```bash bagpipe-peer2:~# bagpipe-looking-glass bgp routes match:IPv4/mpls-vpn,*: - match:IPv4/rtc,*: - diff --git a/docs/sources/flowspec.md b/docs/sources/flowspec.md index a55d68a9..055aab6b 100644 --- a/docs/sources/flowspec.md +++ b/docs/sources/flowspec.md @@ -15,22 +15,19 @@ Assume you finished [Getting Started](https://github.com/osrg/gobgp/blob/master/ ## <a name="section0"> Configuration To advertise flowspec routes, enumerate `ipv4-flowspec` to neighbor's -afi-safi-list like below. +afi-safis like below. ```toml -[Global] - [Global.Config] - As = 64512 - RouterId = "192.168.255.1" - -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.1" - PeerAs = 64512 - [Neighbors.NeighborList.AfiSafis] - [[Neighbors.NeighborList.AfiSafis.AfiSafiList]] - AfiSafiName = "ipv4-flowspec" +[global.config] + as = 64512 + router-id = "192.168.255.1" + +[[neighbors]] +[neighbors.config] + neighbor-address = "10.0.255.1" + peer-as = 64512 +[[neighbors.afi-safis]] + afi-safi-name = "ipv4-flowspec" ``` ## <a name="section1"> Add Flowspec routes through CLI diff --git a/docs/sources/getting-started.md b/docs/sources/getting-started.md index d7929146..5a64d440 100644 --- a/docs/sources/getting-started.md +++ b/docs/sources/getting-started.md @@ -30,41 +30,49 @@ $ source gobgp-completion.bash ## Configuration -Currently, GoBGP can be configured via a configuration file. This example -uses the following very simple configuration file, `gobgpd.conf`: - -``` -$ cat gobgpd.conf -[Global] - [Global.Config] - As = 64512 - RouterId = "192.168.255.1" - -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.1" - PeerAs = 65001 - - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.2" - PeerAs = 65002 +GoBGP can be configured via a configuration file or gRPC API. This example +uses the following very simple configuration. All keys are case-insensitive. +Default configuration format of GoBGP is [toml](https://github.com/toml-lang/toml). +If you don't like `toml`, you can use `json`, `yaml` and `hcl` instead. + +```toml +[global.config] + as = 64512 + router-id = "192.168.255.1" + +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.255.1" + peer-as = 65001 + +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.255.2" + peer-as = 65002 ``` ## Starting GoBGP -Let's start gobgpd: +Save the configuration above as gobgpd.conf and start gobgpd: -``` +```bash $ sudo -E gobgpd -f gobgpd.conf {"level":"info","msg":"Peer 10.0.255.1 is added","time":"2015-04-06T20:32:28+09:00"} {"level":"info","msg":"Peer 10.0.255.2 is added","time":"2015-04-06T20:32:28+09:00"} ``` -Let's show the information of all the peers. +If you use a configuration format other than `toml`, you must specify the format +by `-t` option. +```bash +$ sudo -E gobgpd -t yaml gobgpd.yml +{"level":"info","msg":"Peer 10.0.255.1 is added","time":"2015-04-06T20:32:28+09:00"} +{"level":"info","msg":"Peer 10.0.255.2 is added","time":"2015-04-06T20:32:28+09:00"} ``` + +Let's show the information of all the peers. + +```bash $ gobgp neighbor Peer AS Up/Down State |#Advertised Received Accepted 10.0.255.1 65001 00:00:14 Establ | 1 5 5 @@ -73,7 +81,7 @@ Peer AS Up/Down State |#Advertised Received Accepted Want to the details of a particular peer? -``` +```bash $ gobgp neighbor 10.0.255.1 BGP neighbor is 10.0.255.1, remote AS 65001 BGP version 4, remote router ID 192.168.0.1 @@ -98,7 +106,7 @@ BGP neighbor is 10.0.255.1, remote AS 65001 Note that the tab completion works for both peer names and commands. Check out the global table. -``` +```bash $ gobgp global rib Network Next Hop AS_PATH Age Attrs *> 10.3.0.0/16 10.0.255.1 [65001] 00:05:41 [{Origin: 0} {Med: 0}] @@ -112,7 +120,7 @@ $ gobgp global rib You also can look at adjacent rib-in and rib-out: -``` +```bash $ gobgp neighbor 10.0.255.1 adj-in Network Next Hop AS_PATH Age Attrs 10.3.0.0/16 10.0.255.1 [65001] 00:06:55 [{Origin: 0} {Med: 0}] diff --git a/docs/sources/mrt.md b/docs/sources/mrt.md index 5818a8cc..b4ea5fdd 100644 --- a/docs/sources/mrt.md +++ b/docs/sources/mrt.md @@ -17,15 +17,13 @@ You don't need any special configuration for MRT feature. This page assume the configuration below. ```toml -[Global] - [Global.GlobalConfig] - As = 64512 - RouterId = "192.168.255.1" -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.NeighborConfig] - NeighborAddress = "10.0.0.1" - PeerAs = 65001 +[global.config] + as = 64512 + router-id = "192.168.255.1" +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.0.1" + peer-as = 65001 ``` ## <a name="section1">Dump MRT Table v2 Records @@ -90,20 +88,16 @@ rpc error: code = 2 desc = "no local rib for 10.0.0.1" Oops! Before trying this feature, you must enable route server feature. Configuration is something like below. -``` -$ cat gobgpd.conf -[Global] - [Global.Config] - As = 64512 - RouterId = "192.168.255.1" -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.0.1" - PeerAs = 65001 - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true +```toml +[global.config] + as = 64512 + router-id = "192.168.255.1" +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.0.1" + peer-as = 65001 + [neighbors.route-server.config] + route-server-client = true ``` OK, let's try again. diff --git a/docs/sources/policy.md b/docs/sources/policy.md index 1e97be6b..b2b5ad33 100644 --- a/docs/sources/policy.md +++ b/docs/sources/policy.md @@ -459,20 +459,20 @@ You can write condition and action under Statements. [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchPrefixSet] PrefixSet = "ps1" - MatchSetOptions = 0 + MatchSetOptions = "any" [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchNeighborSet] NeighborSet = "ns1" - MatchSetOptions = 1 + MatchSetOptions = "invert" [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.MatchCommunitySet] CommunitySet = "community1" - MatchSetOptions = 0 + MatchSetOptions = "any" [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.MatchExtCommunitySet] ExtCommunitySet = "ecommunity1" - MatchSetOptions = 0 + MatchSetOptions = "any" [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.MatchAsPathSet] AsPathSet = "aspath1" - MatchSetOptions = 0 + MatchSetOptions = "any" [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.AsPathLength] Operator = "eq" Value = 2 @@ -510,35 +510,35 @@ You can write condition and action under Statements. | Element | Description | Example | |------------------|---------------------------------------------------------------------------|---------| | PrefixSet | name for DefinedSets.PrefixSets.PrefixSetList that is used in this policy | "ps1" | - | MatchSetOptions | option for the check:<br> 0 means **ANY**,<br> 1 means **INVERT** | 0 | + | MatchSetOptions | option for the check:<br> "any" or "invert". default is "any" | "any" | - PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchNegihborSet | Element | Description | Example | |------------------|-------------------------------------------------------------------------------|---------| | NegihborSet | name for DefinedSets.NeighborSets.NeighborSetList that is used in this policy | "ns1" | - | MatchSetOptions | option for the check:<br> 0 means **ANY**,<br> 1 means **INVERT** | 1 | + | MatchSetOptions | option for the check:<br> "any" or "invert". default is "any" | "any" | - PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.MatchCommunitySet | Element | Description | Example | |------------------|------------------------------------------------------------------------------------------------|----------------| | CommunitySet | name for DefinedSets.BgpDefinedSets.CommunitySets.CommunitySetList that is used in this policy | "community1" | - | MatchSetOptions | option for the check:<br> 0 means **ANY**,<br> 1 means **ALL**,<br> 2 means **INVERT** | 0 | + | MatchSetOptions | option for the check:<br> "any" or "all" or "invert". default is "any" | "invert" | - PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.MatchExtCommunitySet | Element | Description | Example | |------------------|------------------------------------------------------------------------------------------------------|---------------| | ExtCommunitySet | name for DefinedSets.BgpDefinedSets.ExtCommunitySets.ExtCommunitySetList that is used in this policy | "ecommunity1" | - | MatchSetOptions | option for the check:<br> 0 means **ANY**,<br> 1 means **ALL**,<br> 2 means **INVERT** | 1 | + | MatchSetOptions | option for the check:<br> "any" or "all" or "invert". default is "any" | "invert" | - PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.MatchAsPathSet | Element | Description | Example | |------------------|------------------------------------------------------------------------------------------------|-----------| | AsPathSet | name for DefinedSets.BgpDefinedSets.AsPathSets.AsPathSetList that is used in this policy | "aspath1" | - | MatchSetOptions | option for the check:<br> 0 means **ANY**,<br> 1 means **ALL**,<br> 2 means **INVERT** | 0 | + | MatchSetOptions | option for the check:<br> "any" or "all" or "invert". default is "any" | "invert" | - PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.AsPathLength @@ -581,9 +581,9 @@ You can write condition and action under Statements. | Value | Description | |--------|---------------------------------------------------------------------------| - | ANY | match is true if given value matches any member of the defined set | - | ALL | match is true if given value matches all members of the defined set | - | INVERT | match is true if given value does not match any member of the defined set | + | any | match is true if given value matches any member of the defined set | + | all | match is true if given value matches all members of the defined set | + | invert | match is true if given value does not match any member of the defined set | @@ -604,10 +604,8 @@ You can write condition and action under Statements. [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchPrefixSet] PrefixSet = "ps1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchNeighborSet] NeighborSet = "ns1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions.RouteDisposition] RejectRoute = true @@ -628,10 +626,8 @@ You can write condition and action under Statements. [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchPrefixSet] PrefixSet = "ps1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchNeighborSet] NeighborSet = "ns1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions.RouteDisposition] RejectRoute = true @@ -641,10 +637,10 @@ You can write condition and action under Statements. [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchPrefixSet] PrefixSet = "ps2" - MatchSetOptions = 0 + MatchSetOptions = "any" [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchNeighborSet] NeighborSet = "ns2" - MatchSetOptions = 0 + MatchSetOptions = "any" [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions.RouteDisposition] RejectRoute = true @@ -667,10 +663,8 @@ You can write condition and action under Statements. [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchPrefixSet] PrefixSet = "ps1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchNeighborSet] NeighborSet = "ns1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions.RouteDisposition] RejectRoute = true @@ -683,10 +677,8 @@ You can write condition and action under Statements. [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchPrefixSet] PrefixSet = "ps2" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchNeighborSet] NeighborSet = "ns2" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions.RouteDisposition] RejectRoute = true @@ -714,20 +706,15 @@ You can write condition and action under Statements. [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchPrefixSet] PrefixSet = "ps1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchNeighborSet] NeighborSet = "ns1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.MatchCommunitySet] CommunitySet = "community1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.MatchExtCommunitySet] ExtCommunitySet = "ecommunity1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.MatchAsPathSet] AsPathSet = "aspath1" - MatchSetOptions = 0 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions.AsPathLength] Operator = "eq" Value = 2 @@ -757,36 +744,33 @@ attaching them to neighbors. To attach policies to neighbors, you need to add policy's name to Neighbors.NeighborList.ApplyPolicy in the neighbor's setting. This example attatches *policy1* to Import policy and *policy2* to Export policy and *policy3* is used as the In policy. -``` -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.2" - PeerAs = 65002 - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - [Neighbors.NeighborList.ApplyPolicy] - [Neighbors.NeighborList.ApplyPolicy.Config] - ImportPolicy = ["policy1"] - ExportPolicy = ["policy2"] - InPolicy = ["policy3"] - DefaultImportPolicy = 0 - DefaultExportPolicy = 0 - DefaultInPolicy = 0 +```toml +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.255.2" + peer-as = 65002 + [neighbors.route-server.config] + route-server-client = true + [neighbors.apply-policy.config] + import-policy-list = ["policy1"] + export-policy-list = ["policy2"] + in-policy-list = ["policy3"] + default-import-policy = "accept-route" + default-export-policy = "accept-route" + default-in-policy = "accept-route" ``` Neighbors.NeighborList has a section to specify policies and the section's name is ApplyPolicy. The ApplyPolicy has 6 elements. -| Element | Description | Example | -|-------------------------|---------------------------------------------------------------------------------------------|------------| -| ImportPolicy | PolicyDefinitions.PolicyDefinitionList.name for Import policy | "policy1" | -| ExportPolicy | PolicyDefinitions.PolicyDefinitionList.name for Export policy | "policy2" | -| InPolicy | PolicyDefinitions.PolicyDefinitionList.name for In policy | "policy3" | -| DefaultImportPolicy | action when the route doesn't match any policy:<br> 0 means Import,<br> 1 means reject | 0 | -| DefaultExportPolicy | action when the route doesn't match any policy:<br> 0 means Export,<br> 1 means discard | 0 | -| DefaultInPolicy | action when the route doesn't match any policy:<br> 0 means In,<br> 1 means reject | 0 | +| Element | Description | Example | +|-------------------------|---------------------------------------------------------------------------------------------|----------------| +| ImportPolicy | PolicyDefinitions.PolicyDefinitionList.name for Import policy | "policy1" | +| ExportPolicy | PolicyDefinitions.PolicyDefinitionList.name for Export policy | "policy2" | +| InPolicy | PolicyDefinitions.PolicyDefinitionList.name for In policy | "policy3" | +| DefaultImportPolicy | action when the route doesn't match any policy:<br> "accept-route" or "reject-route". default is "accept-route" | "accept-route" | +| DefaultExportPolicy | action when the route doesn't match any policy:<br> "accept-route" or "reject-route". default is "accept-route" | "accept-route" | +| DefaultInPolicy | action when the route doesn't match any policy:<br> "accept-route" or "reject-route". default is "accept-route" | "reject-route" | ## Simple configuration example @@ -804,85 +788,71 @@ Neighbor 10.0.255.1 advertises 10.33.0.0/16 and 10.3.0.0/16 routes. We define an import policy for neighbor 10.0.255.2 that drops 10.33.0.0/16 route from Neighbor 10.0.255.1. -``` -[Global] - [Global.GlobalConfig] - As = 64512 - RouterId = "192.168.255.1" - -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.1" - PeerAs = 65001 - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.2" - PeerAs = 65002 - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - [Neighbors.NeighborList.ApplyPolicy] - [Neighbors.NeighborList.ApplyPolicy.Config] - ImportPolicy = ["pd2"] - - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.3" - PeerAs = 65003 - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - -[DefinedSets] - [DefinedSets.PrefixSets] - [[DefinedSets.PrefixSets.PrefixSetList]] - PrefixSetName = "ps2" - [[DefinedSets.PrefixSets.PrefixSetList.PrefixList]] - IpPrefix = "10.33.0.0/16" - [[DefinedSets.PrefixSets.PrefixSetList.PrefixList]] - IpPrefix = "10.50.0.0/16" - - - [DefinedSets.NeighborSets] - [[DefinedSets.NeighborSets.NeighborSetList]] - NeighborSetName = "ns1" - [[DefinedSets.NeighborSets.NeighborSetList.NeighborInfoList]] - Address = "10.0.255.1" - -[PolicyDefinitions] - [[PolicyDefinitions.PolicyDefinitionList]] - Name = "pd2" - [PolicyDefinitions.PolicyDefinitionList.Statements] - [[PolicyDefinitions.PolicyDefinitionList.Statements.StatementList]] - Name = "statement1" - [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] - [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchPrefixSet] - PrefixSet = "ps2" - MatchSetOptions = 0 - [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.MatchNeighborSet] - NeighborSet = "ns1" - MatchSetOptions = 0 - [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions] - [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions.RouteDisposition] - RejectRoute = true +```toml +[global.config] + as = 64512 + router-id = "192.168.255.1" + +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.255.1" + peer-as = 65001 + [neighbors.route-server.config] + route-server-client = true + +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.255.2" + peer-as = 65002 + [neighbors.route-server.config] + route-server-client = true + [neighbors.apply-policy.config] + import-policy-list = ["pd2"] + +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.255.3" + peer-as = 65003 + [neighbors.route-server.config] + route-server-client = true + +[[defined-sets.prefix-sets]] + prefix-set-name = "ps2" + [[defined-sets.prefix-sets.prefix-list]] + ip-prefix = "10.33.0.0/16" + [[defined-sets.prefix-sets.prefix-list]] + ip-prefix = "10.50.0.0/16" + +[[defined-sets.neighbor-sets]] + neighbor-set-name = "ns1" + [[defined-sets.neighbor-sets.neighbor-info-list]] + address = "10.0.255.1" + +[[policy-definitions]] + name = "pd2" + [[policy-definitions.statements]] + name = "statement1" + [policy-definitions.statements.conditions.match-prefix-set] + prefix-set = "ps2" + match-set-options = "any" + [policy-definitions.statements.conditions.match-neighbor-set] + neighbor-set = "ns1" + match-set-options = "any" + [policy-definitions.statements.actions.route-dispodition] + reject-route = true ``` Neighbor 10.0.255.2 has pd2 policy. The pd2 policy consists of ps2 prefix match and ns1 neighbor match. The ps2 specifies 10.33.0.0 and 10.50.0.0 address. The ps2 specifies the mask with **MASK** keyword. **MasklengthRange** keyword can specify the range of mask length like ```MasklengthRange 24..26```. The *ns1* specifies neighbor 10.0.255.1. The pd2 sets multiple condition, This means that only when all match conditions meets, the policy will be applied. -The MatchPrefixSet sets MatchSetOptions to 0. This means that when match to any of PrefixList, the policy will be applied. the policy will be applied to 10.33.0.0/16 or 10.50.0.0 route from neighbor 10.0.255.1. +The MatchPrefixSet sets MatchSetOptions to "any". This means that when match to any of PrefixList, the policy will be applied. the policy will be applied to 10.33.0.0/16 or 10.50.0.0 route from neighbor 10.0.255.1. -If the MatchPrefixSet sets MatchSetOptions to 1, It does not match to any of PrefixList, the policy will be applied. the policy will be applied to other than 10.33.0.0/16 or 10.50.0.0 route from neighbor 10.0.255.1 +If the MatchPrefixSet sets MatchSetOptions to "invert", It does not match to any of PrefixList, the policy will be applied. the policy will be applied to other than 10.33.0.0/16 or 10.50.0.0 route from neighbor 10.0.255.1 Let's confirm that 10.0.255.1 neighbor advertises two routes. -``` +```bash $ gobgp neighbor 10.0.255.1 adj-in Network Next Hop AS_PATH Age Attrs 10.3.0.0/16 10.0.255.1 [65001] 00:51:57 [{Origin: 0} {Med: 0}] @@ -891,7 +861,7 @@ $ gobgp neighbor 10.0.255.1 adj-in Now let's check out if the policy works as expected. -``` +```bash $ gobgp neighbor 10.0.255.2 local Network Next Hop AS_PATH Age Attrs *> 10.3.0.0/16 10.0.255.1 [65001] 00:49:36 [{Origin: 0} {Med: 0}] diff --git a/docs/sources/route-reflector.md b/docs/sources/route-reflector.md index f640564b..ed037656 100644 --- a/docs/sources/route-reflector.md +++ b/docs/sources/route-reflector.md @@ -12,33 +12,35 @@ Configure `RouteReflector.RouteReflectorConfig` section to enable route reflecto The configuration below configures two route reflector clients and two normal iBGP peers. ```toml -[Global] - [Global.Config] - RouterId = "192.168.0.1" - As = 65000 -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "192.168.10.2" - PeerAs = 65000 - [Neighbors.NeighborList.RouteReflector.Config] - RouteReflectorClient = true - RouteReflectorClusterId = "192.168.0.1" - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "192.168.10.3" - PeerAs = 65000 - [Neighbors.NeighborList.RouteReflector.Config] - RouteReflectorClient = true - RouteReflectorClusterId = "192.168.0.1" - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "192.168.10.4" - PeerAs = 65000 - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "192.168.10.5" - PeerAs = 65000 +[global.config] + router-id = "192.168.0.1" + as = 65000 + +[[neighbors]] + [neighbors.config] + neighbor-address = "192.168.10.2" + peer-as = 65000 + [neighbors.route-reflector.config] + route-reflector-client = true + route-reflector-cluster-id = "192.168.0.1" + +[[neighbors]] + [neighbors.config] + neighbor-address = "192.168.10.3" + peer-as = 65000 + [neighbors.route-reflector.config] + route-reflector-client = true + route-reflector-cluster-id = "192.168.0.1" + +[[neighbors]] + [neighbors.config] + neighbor-address = "192.168.10.4" + peer-as = 65000 + +[[neighbors]] + [neighbors.config] + neighbor-address = "192.168.10.5" + peer-as = 65000 ``` ## Check route reflector behavior diff --git a/docs/sources/route-server.md b/docs/sources/route-server.md index f628e02a..95b50efb 100644 --- a/docs/sources/route-server.md +++ b/docs/sources/route-server.md @@ -15,44 +15,37 @@ the configuration file used in [Getting Started](https://github.com/osrg/gobgp/b * GoBGP doesn't try to connect to peers. It only listens and accepts. * MD5 passwords are enabled. -``` -$ cat gobgpd.conf -[Global] - [Global.Config] - As = 64512 - RouterId = "192.168.255.1" - -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.1" - PeerAs = 65001 - AuthPassword = "hoge1" - [Neighbors.NeighborList.Transport] - [Neighbors.NeighborList.Transport.Config] - PassiveMode = true - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - NeighborAddress = "10.0.255.2" - PeerAs = 65002 - AuthPassword = "hoge2" - [Neighbors.NeighborList.Transport] - [Neighbors.NeighborList.Transport.Config] - PassiveMode = true - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true +```toml +[global.config] + as = 64512 + router-id = "192.168.255.1" + +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.255.1" + peer-as = 65001 + auto-password = "hoge1" + [neighbors.transport.config] + passive-mode = true + [neighbors.route-server.config] + route-server-client = true + +[[neighbors]] + [neighbors.config] + neighbor-address = "10.0.255.2" + peer-as = 65002 + auto-password = "hoge2" + [neighbors.transport.config] + passive-mode = true + [neighbors.route-server.config] + route-server-client = true ``` ## Starting GoBGP Let's start gobgpd: -``` +```bash $ sudo -E gobgpd -f gobgpd.conf {"level":"info","msg":"Peer 10.0.255.1 is added","time":"2015-04-06T22:55:57+09:00"} {"level":"info","msg":"Peer 10.0.255.2 is added","time":"2015-04-06T22:55:57+09:00"} @@ -61,14 +54,14 @@ $ sudo -E gobgpd -f gobgpd.conf GoBGP implements multiple RIBs, that is, each peer has own local RIB. Let's check respectively. -``` +```bash $ gobgp neighbor 10.0.255.1 local Network Next Hop AS_PATH Age Attrs *> 10.3.0.0/24 10.0.255.2 [65002] 00:05:50 [{Origin: 0} {Med: 0}] *> 192.168.2.0/24 10.0.255.2 [65002] 00:05:50 [{Origin: 0} {Med: 0}] ``` -``` +```bash $ gobgp neighbor 10.0.255.2 local Network Next Hop AS_PATH Age Attrs *> 10.3.0.0/16 10.0.255.1 [65001] 00:06:12 [{Origin: 0} {Med: 0}] diff --git a/docs/sources/rpki.md b/docs/sources/rpki.md index f80098ec..eb53fb78 100644 --- a/docs/sources/rpki.md +++ b/docs/sources/rpki.md @@ -20,33 +20,28 @@ file. We use the following file. Note that this is for route server setup but RPKI can be used with non route server setup. ```toml -[Global] - [Global.Config] - As = 64512 - RouterId = "10.0.255.254" - -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - PeerAs = 65001 - NeighborAddress = "10.0.255.1" - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - PeerAs = 65002 - NeighborAddress = "10.0.255.2" - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - -[RpkiServers] - [[RpkiServers.RpkiServerList]] - [RpkiServers.RpkiServerList.Config] - Address = "210.173.170.254" - Port = 323 +[global.config] +as = 64512 +router-id = "10.0.255.254" + +[[neighbors]] + [neighbors.config] + peer-as = 65001 + neighbor-address = "10.0.255.1" + [neighbors.route-server.config] + route-server-client = true + +[[neighbors]] + [neighbors.config] + peer-as = 65002 + neighbor-address = "10.0.255.2" + [neighbors.route-server.config] + route-server-client = true + +[[rpki-servers]] + [rpki-servers.config] + address = "210.173.170.254" + port = 323 ``` ## <a name="section1"> Validation @@ -125,59 +120,49 @@ $ gobgp neighbor 10.0.255.2 local We add a policy to the above configuration. ```toml -[Global] - [Global.Config] - As = 64512 - RouterId = "10.0.255.254" - -[Neighbors] - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - PeerAs = 65001 - NeighborAddress = "10.0.255.1" - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - - [[Neighbors.NeighborList]] - [Neighbors.NeighborList.Config] - PeerAs = 65002 - NeighborAddress = "10.0.255.2" - [Neighbors.NeighborList.RouteServer] - [Neighbors.NeighborList.RouteServer.Config] - RouteServerClient = true - [Neighbors.NeighborList.ApplyPolicy] - [Neighbors.NeighborList.ApplyPolicy.Config] - ImportPolicy = ["AS65002-IMPORT-RPKI"] - -[RpkiServers] - [[RpkiServers.RpkiServerList]] - [RpkiServers.RpkiServerList.Config] - Address = "210.173.170.254" - Port = 323 - -[PolicyDefinitions] - [[PolicyDefinitions.PolicyDefinitionList]] - Name = "AS65002-IMPORT-RPKI" - [PolicyDefinitions.PolicyDefinitionList.Statements] - [[PolicyDefinitions.PolicyDefinitionList.Statements.StatementList]] - Name = "statement1" - [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] - [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions] - RpkiValidationResult = 3 - - [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions] - [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions.RouteDisposition] - RejectRoute = true +[global.config] +as = 64512 +router-id = "10.0.255.254" + +[[neighbors]] + [neighbors.config] + peer-as = 65001 + neighbor-address = "10.0.255.1" + [neighbors.route-server.config] + route-server-client = true + +[[neighbors]] + [neighbors.config] + peer-as = 65002 + neighbor-address = "10.0.255.2" + [neighbors.route-server.config] + route-server-client = true + [neighbors.apply-policy-config] + import-policy-list = ["AS65002-IMPORT-RPKI"] + + +[[rpki-servers]] + [rpki-servers.config] + address = "210.173.170.254" + port = 323 + +[[policy-definitions]] + name = "AS65002-IMPORT-RPKI" + [[policy-definitions.statements]] + name = "statement1" + [policy-definitions.statements.conditions.bgp-conditions] + rpki-validation-result = "invalid" + [policy-definitions.statements.conditions.actions.route-disposition] + reject-route = true ``` The value for **RpkiValidationResult** are defined as below. -| Validation Result | Value | -|-------------------|-------| -| Not Found | 1 | -| Valid | 2 | -| Invalid | 3 | +| Validation Result | Value | +|-------------------|-----------------| +| Not Found | "not-found" | +| Valid | "valid" | +| Invalid | "invalid" | With the new configuration, the IMPORT policy rejects the invalid 2.1.0.0/16. diff --git a/docs/sources/zebra.md b/docs/sources/zebra.md index 1b0c53d8..9b1233e1 100644 --- a/docs/sources/zebra.md +++ b/docs/sources/zebra.md @@ -17,12 +17,10 @@ Assume you finished [Getting Started](https://github.com/osrg/gobgp/blob/master/ You need to enable the zebra feature in the Global configuration as follows. ```toml -[Global] - [Global.Zebra] - Enabled = true - Url = "unix:/var/run/quagga/zserv.api" - [[Global.Zebra.RedistributeRouteTypeList]] - RouteType = "connect" +[globa.zebra] + enabled = true + url = "unix:/var/run/quagga/zserv.api" + redistribute-route-type-list = ["connect"] ``` You can skip Url. If it's skipped, GoBGP uses "unix:/var/run/quagga/zserv.api" as the Url. |