Hi team ,
I've made some tests, over the last version frr 8.4, and I found a behavior that this configuration doesn't allow to load full route-map with sentences on FRR (however, our cli allows to configure it /show)
vyos cli- export policy: set policy prefix-list PFX-ALL rule 10 action 'permit' set policy prefix-list PFX-ALL rule 10 prefix '0.0.0.0/0' set policy prefix-list PFX-BGP-RESERVED rule 10 action 'deny' set policy prefix-list PFX-BGP-RESERVED rule 10 prefix '192.168.100.0/26' set policy community-list COMM-AS65599-INTERNAL-DEL1 rule 10 action 'permit' set policy community-list COMM-AS65599-INTERNAL-DEL1 rule 10 regex '1001:111' set policy community-list COMM-AS65599-MATCH-BLH1 rule 10 action 'permit' set policy community-list COMM-AS65599-MATCH-BLH1 rule 10 regex '1001:666' set policy community-list COMM-ISP1-AS1001-MATCH-ADV1 rule 10 action 'permit' set policy community-list COMM-ISP1-AS1001-MATCH-ADV1 rule 10 regex '1001:111' set policy community-list COMM-ISP1-AS1001-MATCH-FLT1 rule 10 action 'permit' set policy community-list COMM-ISP1-AS1001-MATCH-FLT1 rule 10 regex '666:666' ! set policy route-map MAP-ISP1-AS1001-EXPORT rule 10 action 'deny' set policy route-map MAP-ISP1-AS1001-EXPORT rule 10 match ip address prefix-list 'PFX-BGP-RESERVED' set policy route-map MAP-ISP1-AS1001-EXPORT rule 20 action 'deny' set policy route-map MAP-ISP1-AS1001-EXPORT rule 20 match community community-list 'COMM-ISP1-AS1001-MATCH-FLT1' set policy route-map MAP-ISP1-AS1001-EXPORT rule 50 action 'deny' set policy route-map MAP-ISP1-AS1001-EXPORT rule 50 continue '100' set policy route-map MAP-ISP1-AS1001-EXPORT rule 50 match community community-list 'COMM-AS65599-MATCH-BLH1' set policy route-map MAP-ISP1-AS1001-EXPORT rule 50 set community add '1001:666' set policy route-map MAP-ISP1-AS1001-EXPORT rule 100 action 'permit' set policy route-map MAP-ISP1-AS1001-EXPORT rule 100 continue '130' set policy route-map MAP-ISP1-AS1001-EXPORT rule 100 match community community-list 'COMM-ISP1-AS1001-MATCH-ADV1' set policy route-map MAP-ISP1-AS1001-EXPORT rule 130 action 'permit' set policy route-map MAP-ISP1-AS1001-EXPORT rule 130 match ip address prefix-list PFX-ALL import: set policy route-map MAP-ISP1-AS1001-IMPORT rule 10 match ip address prefix-list 'PFX-BGP-RESERVED' set policy route-map MAP-ISP1-AS1001-IMPORT rule 100 action 'permit' set policy route-map MAP-ISP1-AS1001-IMPORT rule 100 continue '200' set policy route-map MAP-ISP1-AS1001-IMPORT rule 100 match community community-list 'COMM-AS65599-INTERNAL-DEL1' set policy route-map MAP-ISP1-AS1001-IMPORT rule 100 set community delete 'COMM-AS65599-INTERNAL-DEL1' set policy route-map MAP-ISP1-AS1001-IMPORT rule 200 action 'permit'
if only configure the import policy , it works without issues ,when i add the export policy is not able to load full configuration :
vyos@vyos-main-rt# run show configuration commands | match route-map set policy route-map MAP-ISP1-AS1001-EXPORT rule 10 action 'deny' set policy route-map MAP-ISP1-AS1001-EXPORT rule 10 match ip address prefix-list 'PFX-BGP-RESERVED' set policy route-map MAP-ISP1-AS1001-EXPORT rule 20 action 'deny' set policy route-map MAP-ISP1-AS1001-EXPORT rule 20 match community community-list 'COMM-ISP1-AS1001-MATCH-FLT1' set policy route-map MAP-ISP1-AS1001-EXPORT rule 50 action 'deny' set policy route-map MAP-ISP1-AS1001-EXPORT rule 50 continue '100' set policy route-map MAP-ISP1-AS1001-EXPORT rule 50 match community community-list 'COMM-AS65599-MATCH-BLH1' set policy route-map MAP-ISP1-AS1001-EXPORT rule 50 set community add '1001:666' set policy route-map MAP-ISP1-AS1001-EXPORT rule 100 action 'permit' set policy route-map MAP-ISP1-AS1001-EXPORT rule 100 continue '130' set policy route-map MAP-ISP1-AS1001-EXPORT rule 100 match community community-list 'COMM-ISP1-AS1001-MATCH-ADV1' set policy route-map MAP-ISP1-AS1001-EXPORT rule 130 action 'permit' set policy route-map MAP-ISP1-AS1001-EXPORT rule 130 match ip address prefix-list 'PFX-ALL' set policy route-map MAP-ISP1-AS1001-IMPORT rule 10 action 'deny' set policy route-map MAP-ISP1-AS1001-IMPORT rule 10 match ip address prefix-list 'PFX-BGP-RESERVED' set policy route-map MAP-ISP1-AS1001-IMPORT rule 100 action 'permit' set policy route-map MAP-ISP1-AS1001-IMPORT rule 100 continue '200' set policy route-map MAP-ISP1-AS1001-IMPORT rule 100 match community community-list 'COMM-AS65599-INTERNAL-DEL1' set policy route-map MAP-ISP1-AS1001-IMPORT rule 100 set community delete 'COMM-AS65599-INTERNAL-DEL1' set policy route-map MAP-ISP1-AS1001-IMPORT rule 200 action 'permit' set policy route-map MAP-ISP1-AS1001-IMPORT rule 200 set community add '65535:1001' set vrf name VRF-CR201-ISP1 protocols bgp neighbor 172.16.61.97 address-family ipv4-unicast route-map import 'MAP-ISP1-AS1001-IMPORT' [edit] vyos@vyos-main-rt# sudo vtysh -c "show run" frr version 8.4 frr defaults traditional hostname vyos-main-rt bgp community-list expanded COMM-AS65599-INTERNAL-DEL1 seq 10 permit 1001:111 bgp community-list expanded COMM-AS65599-MATCH-BLH1 seq 10 permit 1001:666 bgp community-list expanded COMM-ISP1-AS1001-MATCH-ADV1 seq 10 permit 1001:111 bgp community-list expanded COMM-ISP1-AS1001-MATCH-ADV2 seq 10 permit ^64[6-8][0-9][0-9]:123$ bgp community-list expanded COMM-ISP1-AS1001-MATCH-ADV3 seq 10 permit ^64[6-8][0-9][0-9]:123$ bgp community-list expanded COMM-ISP1-AS1001-MATCH-CUST-ACCEPT seq 10 permit 65599:1001 bgp community-list expanded COMM-ISP1-AS1001-MATCH-CUST-ACCEPT1 seq 10 permit 65599:1001 bgp community-list expanded COMM-ISP1-AS1001-MATCH-FLT1 seq 10 permit 666:666 ! rpki exit ! end
vyos@vyos-main-rt# run show version
Version: VyOS 1.4-rolling-202211090847