Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Commands added for supporting IPv4 MPLS Layer 3 VPN. #4

Open
wants to merge 5 commits into
base: master
Choose a base branch
from

Conversation

KaushikNiral
Copy link
Contributor

  1. New address-family ipv4-vpn added.
  2. New neighbor command added for address-family ipv4-vpn.
  3. New label command added inside address-family ipv4-unicast.
  4. Json script for all the above commands are handled.

@KaushikNiral KaushikNiral force-pushed the niral_v4_mpls_l3_vpn_support branch from 3b4711b to fb1fb81 Compare April 14, 2020 18:44
@@ -1291,6 +1352,95 @@ module vyatta-protocols-frr-bgp-v1 {
}
uses neigh_peer_grp_ipv4_lists;
}

container ipv4-vpn {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This container is under the peer-group configuration rather than the neighbor configuration, but the command translations above are looking for neighbor configuration.

So I'm not sure these diffs are working right now? If you want per-neighbor configuration then I think this should be under the bgp-params-neighbor grouping.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, actually the container ipv4-vpn is placed under the bgp-params-neighbor grouping but somehow it went in wrong place in this PR.
It is fixed now, will send it for review shortly.
I have attached a screenshot verifying that.
Saving-FRR_Config_file

@@ -68,6 +68,32 @@ module vyatta-protocols-frr-bgp-v1 {
description "Inital version.";
}

typedef rt-rd {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This file uses Tab characters for indentation. Please could you use the same for your additions?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We tried to fix this issue.
We will send for review shortly.

@@ -68,6 +68,32 @@ module vyatta-protocols-frr-bgp-v1 {
description "Inital version.";
}

typedef rt-rd {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any change to a YANG file requires that you add a new revision statement for the change.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi Wivory,
This we have resolved.

Copy link

@wivory wivory Apr 17, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You've not tested this have you? Our YANG compiler will refuse to accept this as the revision statements are not in reverse chronological order. The 'pyang' tool will also object.

NB - if you have tested this, and your image boots and is configurable with this YANG, please let me know as it certainly shouldn't be working!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi Wivory,

We have tested it but we replaced the old revision statement with new one so we didn't see this issue.
We have added the new revision statement in the correct order and tested.
This changes are also committed.

Thanks,

uses peer-grp-neighbor-afi-common-settings {
refine filter-list/export {
must "not(../../peer-group)" {
error-message "You may not configure filter-list export for a neighbor in peer-group\n";
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IETF max line length is 73 characters, and in DANOS we generally stick to under 80 characters for YANG files so you don't end up having to scroll sideways to read some lines (which really slows down reviews). You also lose the context of the surrounding lines if they disappear off the left of the screen.

Furthermore, in this case you have a set of multiple changes close enough together that the side-scroll bar is miles down the page, making it incredibly difficult to scroll sideways. I have to page down, scroll sideways, then page back up again.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We understand the issue.
We tried to be consistent with the existing file, so we did it in that manner.

Now we have tried to rectify line length our part of code. Please have a look and suggest.

}
}
}
uses neigh_peer_grp_ipv4_lists {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For future reference, please always use hyphens in names, never underscores.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay we will follow that.
But here the grouping is already mentioned in this way so we just used in our container ipv4-vpn.

Thanks.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wasn't asking you to change existing code - that's unnecessary churn. Just making a recommendation for naming in future as a matter of style / consistency.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay got it.

Thanks,

@dewi-morgan
Copy link

dewi-morgan commented Apr 16, 2020

Can you please detail the testing you have performed and which topologies ?

Are you testing vrf leaking or bgp mpls l3vpn ? If the later, I don't see the frr label vpn export auto under address-family ipv4-unicast being used, only static label value; is there a reason for not providing auto ?

If you have an l3vpn topology (ce-pe-p-pe-ce), can you provide additional detail e.g. the output of sudo ip route show vrfVRFNAME and sh dataplane route routing-instance VRFNAME for the bgp label stack being used on each PE router ? Also the corresponding ILM table sudo ip -f mpls route show and sh dataplane mpls label-table on each PE router ?

Thank you,

KaushikNiral and others added 3 commits April 16, 2020 17:02
1. New address-family ipv4-vpn added.
2. New neighbor command added for address-family ipv4-vpn.
3. New label command added inside address-family ipv4-unicast.
4. Json script for all the above commands are handled.

Signed-off-by: kaushik <[email protected]>
Signed-off-by: harios <[email protected]>
1. The container ipv4-vpn added under bgp-params-neighbor grouping.
2. The issue with indentation is resolved.

Signed-off-by: harios <[email protected]>
1. Revision added.
2. Rectified indentation.

Signed-off-by: harios <[email protected]>
@hariosniral hariosniral force-pushed the niral_v4_mpls_l3_vpn_support branch from 9218513 to 7a05e84 Compare April 16, 2020 11:33
@KaushikNiral
Copy link
Contributor Author

Can you please detail the testing you have performed and which topologies ?

Are you testing vrf leaking or bgp mpls l3vpn ? If the later, I don't see the frr label vpn export auto under address-family ipv4-unicast being used, only static label value; is there a reason for not providing auto ?

If you have an l3vpn topology (ce-pe-p-pe-ce), can you provide additional detail e.g. the output of sudo ip route show vrfVRFNAME and sh dataplane route routing-instance VRFNAME for the bgp label stack being used on each PE router ? Also the corresponding ILM table sudo ip -f mpls route show and sh dataplane mpls label-table on each PE router ?

Thank you,

Hi @dewi-morgan ,

Sure, we will share you the details of our topology.
We have performed the IPv4 BGP MPLS L3VPN test. We are initially trying to do it with static labels so we added label vpn export under address-family ipv4-unicast where label value ranges from <0-1048575>.
In the coming days we will also add label vpn export auto under address-family ipv4-unicast.
We are also working in the vyatta-dataplane for making the IPv4 BGP MPLS L3VPN functional end to end.
FYI we have tested this feature with FRR version 7.3
Please find all the screenshot attached below.

  1. The Topology (ce-pe-p-pe-ce)
    R1 and R5 are CE (gns3)
    R2 is PE (gns3)
    R3 is P (gns3)
    cloud 1 is PE ( DANOS )
    setup

  2. Display of sudo ip route show vrfVRFNAME
    ip_route_routing_instance_table

  3. Display of sh dataplane route routing-instance VRFNAME
    dataplane_route_routing_instance_table

  4. Display of ILM table sudo ip -f mpls route show
    ip-f_mpls_route_table

  5. Display of sh dataplane mpls label-table
    dataplane_mpls_label-table

The dataplane mpls label-table is not populated so we are debugging this in vyatta-dataplane.

Thanks,

1 Added correctly the new revision statement for the changes.

Signed-off-by: harios <[email protected]>
@hariosniral hariosniral force-pushed the niral_v4_mpls_l3_vpn_support branch from 2678cfc to bf6b3c1 Compare April 17, 2020 14:42
Copy link

@wivory wivory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

YANG changes approved.

configd:help "BGP IPv4 VPN settings";
uses network-ipv4-vpn;
}
container ipv4-vpn {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rather than use container ipv4-vpn, can this be changed to vpnv4-unicast ? I understand that the ipv4-vpn is used by the underlying frr configuration, but the vpnv4-unicast / vpnv6-unicast naming is in line with other vendors usage. The mapping would then be from vpnv4-unicast to ipv4-vpn to generate the corresponding frr config from the yang.

Copy link
Contributor Author

@KaushikNiral KaushikNiral May 11, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rather than use container ipv4-vpn, can this be changed to vpnv4-unicast ? I understand that the ipv4-vpn is used by the underlying frr configuration, but the vpnv4-unicast / vpnv6-unicast naming is in line with other vendors usage. The mapping would then be from vpnv4-unicast to ipv4-vpn to generate the corresponding frr config from the yang.

Hi ,

We took a note for the change you mentioned here.
When we send PR on the commands for supporting 6PE and 6VPE feature we will rectify that.

Thanks,
Kaushik

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good, Thank You,

1. Added "vpnv6-unicast" and "ipv6-labeled-unicast" address family in bgp.
2. Added support for "label vpn export auto" in bgp.
3. The address-family "ipv4-vpn" is now replaced with "vpnv4-unicast".

Signed-off-by: harios <[email protected]>
@hariosniral hariosniral force-pushed the niral_v4_mpls_l3_vpn_support branch from f8dacd5 to b75fdd8 Compare May 19, 2020 12:14
@deastoe
Copy link
Contributor

deastoe commented Nov 27, 2020

Hi @KaushikNiral, @hariosniral,

There are now some conflicts in these diffs. Please could you do a rebase and squash, then we can finish the review and get this merged.

To resolve the revision statement conflicts, please simply update the description on the existing "2020-11-23" revision.

Thanks.

Copy link

@dewi-morgan dewi-morgan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think bgp should be allocating labels rather than asking the user to select a static label. We should now allow the user to select static bgp vpn labels in the yang. Setting "label vpn export auto" allocates and programs an ILM vpn bgp label. I think this configuration can be applied via the configs/commands/bgp_vrf.json instead e.g.

"/routing/routing-instance/@element/protocols/bgp/@element/address-family/ipv4-unicast/route-distinguisher": ["rd vpn export {/@text}", "import vpn", "export vpn", "label vpn export auto"],

type rt-rd;
default "100:1";
}
leaf label {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why is this needed ? bgp should allocate the vpn label. The "label vpn export auto" configuration assigns a vrf label ? Why can't this be done instead of using a static label ?

leaf export {
description "For routes leaked from current address-family to vpn";
configd:help "For routes leaked from current address-family to vpn";
type uint32 {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why is this needed ? bgp should allocate the vpn label. The "label vpn export auto" configuration assigns a vrf label ? Why can't this be done instead of using a static label ?

leaf addr {
description "BGP network";
type types:ipv4-prefix {
configd:normalize "normalize ipv4-prefix";

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why is this required from ? Doesn't it make more sense to specify the network from the routing instance for the address family ? Which rd is used if you configure e.g.

set protocols bgp 65201 address-family ipv4-vpn network 1.2.3.0/24

type rt-rd;
default "100:1";
}
leaf label {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

setting a static vpn label should not be necessary. I don't think this should be exposed in the yang.

description "For routes leaked from current address-family to vpn";
configd:help "For routes leaked from current address-family to vpn";
type union {
type uint32 {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think setting a static vpn label is necessary. I don't think this should be exposed in the yang.

configd:help "For routes leaked from current address-family to vpn";
type union {
type uint32 {
range 0..1048575;

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same comment, I don't think setting a static bgp label should be exposed in the yang.

@ekoyle
Copy link

ekoyle commented Jul 7, 2021

What is left for this issue? Is it only hung up on the static labels?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants