-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Commands added for supporting IPv4 MPLS Layer 3 VPN. #4
base: master
Are you sure you want to change the base?
Commands added for supporting IPv4 MPLS Layer 3 VPN. #4
Conversation
KaushikNiral
commented
Apr 14, 2020
- New address-family ipv4-vpn added.
- New neighbor command added for address-family ipv4-vpn.
- New label command added inside address-family ipv4-unicast.
- Json script for all the above commands are handled.
3b4711b
to
fb1fb81
Compare
@@ -1291,6 +1352,95 @@ module vyatta-protocols-frr-bgp-v1 { | |||
} | |||
uses neigh_peer_grp_ipv4_lists; | |||
} | |||
|
|||
container ipv4-vpn { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This container is under the peer-group configuration rather than the neighbor configuration, but the command translations above are looking for neighbor configuration.
So I'm not sure these diffs are working right now? If you want per-neighbor configuration then I think this should be under the bgp-params-neighbor grouping.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -68,6 +68,32 @@ module vyatta-protocols-frr-bgp-v1 { | |||
description "Inital version."; | |||
} | |||
|
|||
typedef rt-rd { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This file uses Tab characters for indentation. Please could you use the same for your additions?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We tried to fix this issue.
We will send for review shortly.
@@ -68,6 +68,32 @@ module vyatta-protocols-frr-bgp-v1 { | |||
description "Inital version."; | |||
} | |||
|
|||
typedef rt-rd { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any change to a YANG file requires that you add a new revision statement for the change.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi Wivory,
This we have resolved.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've not tested this have you? Our YANG compiler will refuse to accept this as the revision statements are not in reverse chronological order. The 'pyang' tool will also object.
NB - if you have tested this, and your image boots and is configurable with this YANG, please let me know as it certainly shouldn't be working!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi Wivory,
We have tested it but we replaced the old revision statement with new one so we didn't see this issue.
We have added the new revision statement in the correct order and tested.
This changes are also committed.
Thanks,
uses peer-grp-neighbor-afi-common-settings { | ||
refine filter-list/export { | ||
must "not(../../peer-group)" { | ||
error-message "You may not configure filter-list export for a neighbor in peer-group\n"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IETF max line length is 73 characters, and in DANOS we generally stick to under 80 characters for YANG files so you don't end up having to scroll sideways to read some lines (which really slows down reviews). You also lose the context of the surrounding lines if they disappear off the left of the screen.
Furthermore, in this case you have a set of multiple changes close enough together that the side-scroll bar is miles down the page, making it incredibly difficult to scroll sideways. I have to page down, scroll sideways, then page back up again.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We understand the issue.
We tried to be consistent with the existing file, so we did it in that manner.
Now we have tried to rectify line length our part of code. Please have a look and suggest.
} | ||
} | ||
} | ||
uses neigh_peer_grp_ipv4_lists { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For future reference, please always use hyphens in names, never underscores.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay we will follow that.
But here the grouping is already mentioned in this way so we just used in our container ipv4-vpn.
Thanks.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wasn't asking you to change existing code - that's unnecessary churn. Just making a recommendation for naming in future as a matter of style / consistency.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay got it.
Thanks,
Can you please detail the testing you have performed and which topologies ? Are you testing vrf leaking or bgp mpls l3vpn ? If the later, I don't see the frr label vpn export auto under address-family ipv4-unicast being used, only static label value; is there a reason for not providing auto ? If you have an l3vpn topology (ce-pe-p-pe-ce), can you provide additional detail e.g. the output of sudo ip route show vrfVRFNAME and sh dataplane route routing-instance VRFNAME for the bgp label stack being used on each PE router ? Also the corresponding ILM table sudo ip -f mpls route show and sh dataplane mpls label-table on each PE router ? Thank you, |
1. New address-family ipv4-vpn added. 2. New neighbor command added for address-family ipv4-vpn. 3. New label command added inside address-family ipv4-unicast. 4. Json script for all the above commands are handled. Signed-off-by: kaushik <[email protected]> Signed-off-by: harios <[email protected]>
1. The container ipv4-vpn added under bgp-params-neighbor grouping. 2. The issue with indentation is resolved. Signed-off-by: harios <[email protected]>
1. Revision added. 2. Rectified indentation. Signed-off-by: harios <[email protected]>
9218513
to
7a05e84
Compare
Hi @dewi-morgan , Sure, we will share you the details of our topology.
The dataplane mpls label-table is not populated so we are debugging this in vyatta-dataplane. Thanks, |
1 Added correctly the new revision statement for the changes. Signed-off-by: harios <[email protected]>
2678cfc
to
bf6b3c1
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
YANG changes approved.
configd:help "BGP IPv4 VPN settings"; | ||
uses network-ipv4-vpn; | ||
} | ||
container ipv4-vpn { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rather than use container ipv4-vpn, can this be changed to vpnv4-unicast ? I understand that the ipv4-vpn is used by the underlying frr configuration, but the vpnv4-unicast / vpnv6-unicast naming is in line with other vendors usage. The mapping would then be from vpnv4-unicast to ipv4-vpn to generate the corresponding frr config from the yang.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rather than use container ipv4-vpn, can this be changed to vpnv4-unicast ? I understand that the ipv4-vpn is used by the underlying frr configuration, but the vpnv4-unicast / vpnv6-unicast naming is in line with other vendors usage. The mapping would then be from vpnv4-unicast to ipv4-vpn to generate the corresponding frr config from the yang.
Hi ,
We took a note for the change you mentioned here.
When we send PR on the commands for supporting 6PE and 6VPE feature we will rectify that.
Thanks,
Kaushik
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good, Thank You,
1. Added "vpnv6-unicast" and "ipv6-labeled-unicast" address family in bgp. 2. Added support for "label vpn export auto" in bgp. 3. The address-family "ipv4-vpn" is now replaced with "vpnv4-unicast". Signed-off-by: harios <[email protected]>
f8dacd5
to
b75fdd8
Compare
Hi @KaushikNiral, @hariosniral, There are now some conflicts in these diffs. Please could you do a rebase and squash, then we can finish the review and get this merged. To resolve the revision statement conflicts, please simply update the description on the existing "2020-11-23" revision. Thanks. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think bgp should be allocating labels rather than asking the user to select a static label. We should now allow the user to select static bgp vpn labels in the yang. Setting "label vpn export auto" allocates and programs an ILM vpn bgp label. I think this configuration can be applied via the configs/commands/bgp_vrf.json instead e.g.
"/routing/routing-instance/@element/protocols/bgp/@element/address-family/ipv4-unicast/route-distinguisher": ["rd vpn export {/@text}", "import vpn", "export vpn", "label vpn export auto"],
type rt-rd; | ||
default "100:1"; | ||
} | ||
leaf label { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is this needed ? bgp should allocate the vpn label. The "label vpn export auto" configuration assigns a vrf label ? Why can't this be done instead of using a static label ?
leaf export { | ||
description "For routes leaked from current address-family to vpn"; | ||
configd:help "For routes leaked from current address-family to vpn"; | ||
type uint32 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is this needed ? bgp should allocate the vpn label. The "label vpn export auto" configuration assigns a vrf label ? Why can't this be done instead of using a static label ?
leaf addr { | ||
description "BGP network"; | ||
type types:ipv4-prefix { | ||
configd:normalize "normalize ipv4-prefix"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is this required from ? Doesn't it make more sense to specify the network from the routing instance for the address family ? Which rd is used if you configure e.g.
set protocols bgp 65201 address-family ipv4-vpn network 1.2.3.0/24
type rt-rd; | ||
default "100:1"; | ||
} | ||
leaf label { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
setting a static vpn label should not be necessary. I don't think this should be exposed in the yang.
description "For routes leaked from current address-family to vpn"; | ||
configd:help "For routes leaked from current address-family to vpn"; | ||
type union { | ||
type uint32 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think setting a static vpn label is necessary. I don't think this should be exposed in the yang.
configd:help "For routes leaked from current address-family to vpn"; | ||
type union { | ||
type uint32 { | ||
range 0..1048575; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same comment, I don't think setting a static bgp label should be exposed in the yang.
What is left for this issue? Is it only hung up on the static labels? |