diff --git a/data/templates/frr/policy.frr.tmpl b/data/templates/frr/policy.frr.tmpl index 881afa21f..507ee2a14 100644 --- a/data/templates/frr/policy.frr.tmpl +++ b/data/templates/frr/policy.frr.tmpl @@ -1,301 +1,304 @@ ! {% if access_list is defined and access_list is not none %} {% for acl, acl_config in access_list.items() | natural_sort %} {% if acl_config.description is defined and acl_config.description is not none %} access-list {{ acl }} remark {{ acl_config.description }} {% endif %} {% if acl_config.rule is defined and acl_config.rule is not none %} {% for rule, rule_config in acl_config.rule.items() | natural_sort %} {% set ip = '' %} {% set src = '' %} {% set src_mask = '' %} {% if rule_config.source is defined and rule_config.source.any is defined %} {% set src = 'any' %} {% elif rule_config.source is defined and rule_config.source.host is defined and rule_config.source.host is not none %} {% set src = 'host ' + rule_config.source.host %} {% elif rule_config.source is defined and rule_config.source.network is defined and rule_config.source.network is not none %} {% set src = rule_config.source.network %} {% set src_mask = rule_config.source.inverse_mask %} {% endif %} {% set dst = '' %} {% set dst_mask = '' %} {% if (acl|int >= 100 and acl|int <= 199) or (acl|int >= 2000 and acl|int <= 2699) %} {% set ip = 'ip' %} {% set dst = 'any' %} {% if rule_config.destination is defined and rule_config.destination.any is defined %} {% set dst = 'any' %} {% elif rule_config.destination is defined and rule_config.destination.host is defined and rule_config.destination.host is not none %} {% set dst = 'host ' + rule_config.destination.host %} {% elif rule_config.destination is defined and rule_config.destination.network is defined and rule_config.destination.network is not none %} {% set dst = rule_config.destination.network %} {% set dst_mask = rule_config.destination.inverse_mask %} {% endif %} {% endif %} access-list {{ acl }} seq {{ rule }} {{ rule_config.action }} {{ ip }} {{ src }} {{ src_mask }} {{ dst }} {{ dst_mask }} {% endfor %} {% endif %} {% endfor %} {% endif %} ! {% if access_list6 is defined and access_list6 is not none %} {% for acl, acl_config in access_list6.items() | natural_sort %} {% if acl_config.description is defined and acl_config.description is not none %} ipv6 access-list {{ acl }} remark {{ acl_config.description }} {% endif %} {% if acl_config.rule is defined and acl_config.rule is not none %} {% for rule, rule_config in acl_config.rule.items() | natural_sort %} {% set src = '' %} {% if rule_config.source is defined and rule_config.source.any is defined %} {% set src = 'any' %} {% elif rule_config.source is defined and rule_config.source.network is defined and rule_config.source.network is not none %} {% set src = rule_config.source.network %} {% endif %} ipv6 access-list {{ acl }} seq {{ rule }} {{ rule_config.action }} {{ src }} {{ 'exact-match' if rule_config.source.exact_match is defined }} {% endfor %} {% endif %} {% endfor %} {% endif %} ! {% if as_path_list is defined and as_path_list is not none %} {% for acl, acl_config in as_path_list.items() | natural_sort %} {% if acl_config.rule is defined and acl_config.rule is not none %} {% for rule, rule_config in acl_config.rule.items() | natural_sort %} bgp as-path access-list {{ acl }} {{ rule_config.action }} {{ rule_config.regex }} {% endfor %} {% endif %} {% endfor %} {% endif %} ! {% if community_list is defined and community_list is not none %} {% for list, list_config in community_list.items() | natural_sort %} {% if list_config.rule is defined and list_config.rule is not none %} {% for rule, rule_config in list_config.rule.items() | natural_sort %} {# by default, if casting to int fails it returns 0 #} {% if list|int != 0 %} bgp community-list {{ list }} seq {{ rule }} {{ rule_config.action }} {{ rule_config.regex }} {% else %} bgp community-list expanded {{ list }} seq {{ rule }} {{ rule_config.action }} {{ rule_config.regex }} {% endif %} {% endfor %} {% endif %} {% endfor %} {% endif %} ! {% if extcommunity_list is defined and extcommunity_list is not none %} {% for list, list_config in extcommunity_list.items() | natural_sort %} {% if list_config.rule is defined and list_config.rule is not none %} {% for rule, rule_config in list_config.rule.items() | natural_sort %} {# by default, if casting to int fails it returns 0 #} {% if list|int != 0 %} bgp extcommunity-list {{ list }} seq {{ rule }} {{ rule_config.action }} {{ rule_config.regex }} {% else %} bgp extcommunity-list expanded {{ list }} seq {{ rule }} {{ rule_config.action }} {{ rule_config.regex }} {% endif %} {% endfor %} {% endif %} {% endfor %} {% endif %} ! {% if large_community_list is defined and large_community_list is not none %} {% for list, list_config in large_community_list.items() | natural_sort %} {% if list_config.rule is defined and list_config.rule is not none %} {% for rule, rule_config in list_config.rule.items() | natural_sort %} {# by default, if casting to int fails it returns 0 #} {% if list|int != 0 %} bgp large-community-list {{ list }} seq {{ rule }} {{ rule_config.action }} {{ rule_config.regex }} {% else %} bgp large-community-list expanded {{ list }} seq {{ rule }} {{ rule_config.action }} {{ rule_config.regex }} {% endif %} {% endfor %} {% endif %} {% endfor %} {% endif %} ! {% if prefix_list is defined and prefix_list is not none %} {% for prefix_list, prefix_list_config in prefix_list.items() | natural_sort %} {% if prefix_list_config.description is defined and prefix_list_config.description is not none %} ip prefix-list {{ prefix_list }} description {{ prefix_list_config.description }} {% endif %} {% if prefix_list_config.rule is defined and prefix_list_config.rule is not none %} {% for rule, rule_config in prefix_list_config.rule.items() | natural_sort %} {% if rule_config.prefix is defined and rule_config.prefix is not none %} ip prefix-list {{ prefix_list }} seq {{ rule }} {{ rule_config.action }} {{ rule_config.prefix }} {{ 'ge ' + rule_config.ge if rule_config.ge is defined }} {{ 'le ' + rule_config.le if rule_config.le is defined }} {% endif %} {% endfor %} {% endif %} {% endfor %} {% endif %} ! {% if prefix_list6 is defined and prefix_list6 is not none %} {% for prefix_list, prefix_list_config in prefix_list6.items() | natural_sort %} {% if prefix_list_config.description is defined and prefix_list_config.description is not none %} ipv6 prefix-list {{ prefix_list }} description {{ prefix_list_config.description }} {% endif %} {% if prefix_list_config.rule is defined and prefix_list_config.rule is not none %} {% for rule, rule_config in prefix_list_config.rule.items() | natural_sort %} {% if rule_config.prefix is defined and rule_config.prefix is not none %} ipv6 prefix-list {{ prefix_list }} seq {{ rule }} {{ rule_config.action }} {{ rule_config.prefix }} {{ 'ge ' + rule_config.ge if rule_config.ge is defined }} {{ 'le ' + rule_config.le if rule_config.le is defined }} {% endif %} {% endfor %} {% endif %} {% endfor %} {% endif %} ! {% if route_map is defined and route_map is not none %} {% for route_map, route_map_config in route_map.items() | natural_sort %} {% if route_map_config.rule is defined and route_map_config.rule is not none %} {% for rule, rule_config in route_map_config.rule.items() | natural_sort %} route-map {{ route_map }} {{ rule_config.action }} {{ rule }} {% if rule_config.call is defined and rule_config.call is not none %} call {{ rule_config.call }} {% endif %} {% if rule_config.continue is defined and rule_config.continue is not none %} on-match goto {{ rule_config.continue }} {% endif %} {% if rule_config.description is defined and rule_config.description is not none %} description {{ rule_config.description }} {% endif %} {% if rule_config.match is defined and rule_config.match is not none %} {% if rule_config.match.as_path is defined and rule_config.match.as_path is not none %} match as-path {{ rule_config.match.as_path }} {% endif %} {% if rule_config.match.community is defined and rule_config.match.community.community_list is defined and rule_config.match.community.community_list is not none %} match community {{ rule_config.match.community.community_list }} {{ 'exact-match' if rule_config.match.community.exact_match is defined }} {% endif %} {% if rule_config.match.extcommunity is defined and rule_config.match.extcommunity is not none %} match extcommunity {{ rule_config.match.extcommunity }} {% endif %} {% if rule_config.match.interface is defined and rule_config.match.interface is not none %} match interface {{ rule_config.match.interface }} {% endif %} {% if rule_config.match.ip is defined and rule_config.match.ip.address is defined and rule_config.match.ip.address.access_list is defined and rule_config.match.ip.address.access_list is not none %} match ip address {{ rule_config.match.ip.address.access_list }} {% endif %} {% if rule_config.match.ip is defined and rule_config.match.ip.address is defined and rule_config.match.ip.address.prefix_list is defined and rule_config.match.ip.address.prefix_list is not none %} match ip address prefix-list {{ rule_config.match.ip.address.prefix_list }} {% endif %} {% if rule_config.match.ip is defined and rule_config.match.ip.nexthop is defined and rule_config.match.ip.nexthop.access_list is defined and rule_config.match.ip.nexthop.access_list is not none %} match ip next-hop {{ rule_config.match.ip.nexthop.access_list }} {% endif %} {% if rule_config.match.ip is defined and rule_config.match.ip.nexthop is defined and rule_config.match.ip.nexthop.prefix_list is defined and rule_config.match.ip.nexthop.prefix_list is not none %} match ip next-hop prefix-list {{ rule_config.match.ip.nexthop.prefix_list }} {% endif %} {% if rule_config.match.ip is defined and rule_config.match.ip.route_source is defined and rule_config.match.ip.route_source.access_list is defined and rule_config.match.ip.route_source.access_list is not none %} match ip route-source {{ rule_config.match.ip.route_source.access_list }} {% endif %} {% if rule_config.match.ip is defined and rule_config.match.ip.route_source is defined and rule_config.match.ip.route_source.prefix_list is defined and rule_config.match.ip.route_source.prefix_list is not none %} match ip route-source prefix-list {{ rule_config.match.ip.route_source.prefix_list }} {% endif %} {% if rule_config.match.ipv6 is defined and rule_config.match.ipv6.address is defined and rule_config.match.ipv6.address.access_list is defined and rule_config.match.ipv6.address.access_list is not none %} match ipv6 address {{ rule_config.match.ipv6.address.access_list }} {% endif %} {% if rule_config.match.ipv6 is defined and rule_config.match.ipv6.address is defined and rule_config.match.ipv6.address.prefix_list is defined and rule_config.match.ipv6.address.prefix_list is not none %} match ipv6 address prefix-list {{ rule_config.match.ipv6.address.prefix_list }} {% endif %} {% if rule_config.match.ipv6 is defined and rule_config.match.ipv6.nexthop is defined and rule_config.match.ipv6.nexthop is not none %} match ipv6 next-hop {{ rule_config.match.ipv6.nexthop }} {% endif %} {% if rule_config.match.large_community is defined and rule_config.match.large_community.large_community_list is defined and rule_config.match.large_community.large_community_list is not none %} match large-community {{ rule_config.match.large_community.large_community_list }} {% endif %} {% if rule_config.match.local_preference is defined and rule_config.match.local_preference is not none %} match local-preference {{ rule_config.match.local_preference }} {% endif %} {% if rule_config.match.metric is defined and rule_config.match.metric is not none %} match metric {{ rule_config.match.metric }} {% endif %} {% if rule_config.match.origin is defined and rule_config.match.origin is not none %} match origin {{ rule_config.match.origin }} {% endif %} {% if rule_config.match.peer is defined and rule_config.match.peer is not none %} match peer {{ rule_config.match.peer }} {% endif %} {% if rule_config.match.rpki is defined and rule_config.match.rpki is not none %} match rpki {{ rule_config.match.rpki }} {% endif %} {% if rule_config.match.tag is defined and rule_config.match.tag is not none %} match tag {{ rule_config.match.tag }} {% endif %} {% endif %} {% if rule_config.on_match is defined and rule_config.on_match is not none %} {% if rule_config.on_match.next is defined %} on-match next {% endif %} {% if rule_config.on_match.goto is defined and rule_config.on_match.goto is not none %} on-match goto {{ rule_config.on_match.goto }} {% endif %} {% endif %} {% if rule_config.set is defined and rule_config.set is not none %} {% if rule_config.set.aggregator is defined and rule_config.set.aggregator.as is defined and rule_config.set.aggregator.ip is defined %} set aggregator as {{ rule_config.set.aggregator.as }} {{ rule_config.set.aggregator.ip }} {% endif %} {% if rule_config.set.as_path_exclude is defined and rule_config.set.as_path_exclude is not none %} set as-path exclude {{ rule_config.set.as_path_exclude }} {% endif %} {% if rule_config.set.as_path_prepend is defined and rule_config.set.as_path_prepend is not none %} set as-path prepend {{ rule_config.set.as_path_prepend }} {% endif %} {% if rule_config.set.atomic_aggregate is defined %} set atomic-aggregate {% endif %} {% if rule_config.set.comm_list is defined and rule_config.set.comm_list.comm_list is defined and rule_config.set.comm_list.comm_list is not none %} set comm-list {{ rule_config.set.comm_list.comm_list }} {{ 'delete' if rule_config.set.comm_list.delete is defined }} {% endif %} {% if rule_config.set.community is defined and rule_config.set.community is not none %} set community {{ rule_config.set.community }} {% endif %} {% if rule_config.set.distance is defined and rule_config.set.distance is not none %} set distance {{ rule_config.set.distance }} {% endif %} {% if rule_config.set.extcommunity_rt is defined and rule_config.set.extcommunity_rt is not none %} set extcommunity rt {{ rule_config.set.extcommunity_rt }} {% endif %} {% if rule_config.set.extcommunity_soo is defined and rule_config.set.extcommunity_soo is not none %} set extcommunity soo {{ rule_config.set.extcommunity_soo }} {% endif %} {% if rule_config.set.ip_next_hop is defined and rule_config.set.ip_next_hop is not none %} set ip next-hop {{ rule_config.set.ip_next_hop }} {% endif %} {% if rule_config.set.ipv6_next_hop is defined and rule_config.set.ipv6_next_hop.global is defined and rule_config.set.ipv6_next_hop.global is not none %} set ipv6 next-hop global {{ rule_config.set.ipv6_next_hop.global }} {% endif %} {% if rule_config.set.ipv6_next_hop is defined and rule_config.set.ipv6_next_hop.local is defined and rule_config.set.ipv6_next_hop.local is not none %} set ipv6 next-hop local {{ rule_config.set.ipv6_next_hop.local }} {% endif %} +{% if rule_config.set.ipv6_next_hop is defined and rule_config.set.ipv6_next_hop.prefer_global is defined %} + set ipv6 next-hop prefer-global +{% endif %} {% if rule_config.set.large_community is defined and rule_config.set.large_community is not none %} set large-community {{ rule_config.set.large_community }} {% endif %} {% if rule_config.set.local_preference is defined and rule_config.set.local_preference is not none %} set local-preference {{ rule_config.set.local_preference }} {% endif %} {% if rule_config.set.metric is defined and rule_config.set.metric is not none %} set metric {{ rule_config.set.metric }} {% endif %} {% if rule_config.set.metric_type is defined and rule_config.set.metric_type is not none %} set metric-type {{ rule_config.set.metric_type }} {% endif %} {% if rule_config.set.origin is defined and rule_config.set.origin is not none %} set origin {{ rule_config.set.origin }} {% endif %} {% if rule_config.set.originator_id is defined and rule_config.set.originator_id is not none %} set originator-id {{ rule_config.set.originator_id }} {% endif %} {% if rule_config.set.src is defined and rule_config.set.src is not none %} set src {{ rule_config.set.src }} {% endif %} {% if rule_config.set.table is defined and rule_config.set.table is not none %} set table {{ rule_config.set.table }} {% endif %} {% if rule_config.set.tag is defined and rule_config.set.tag is not none %} set tag {{ rule_config.set.tag }} {% endif %} {% if rule_config.set.weight is defined and rule_config.set.weight is not none %} set weight {{ rule_config.set.weight }} {% endif %} {% endif %} {% endfor %} ! {% endif %} {% endfor %} {% endif %} ! diff --git a/interface-definitions/policy.xml.in b/interface-definitions/policy.xml.in index 1dba59312..195e074a3 100644 --- a/interface-definitions/policy.xml.in +++ b/interface-definitions/policy.xml.in @@ -1,1226 +1,1232 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="policy" owner="${vyos_conf_scripts_dir}/policy.py"> <properties> <priority>200</priority> <help>Routing policy</help> </properties> <children> <tagNode name="access-list"> <properties> <help>IP access-list filter</help> <valueHelp> <format>u32:1-99</format> <description>IP standard access list</description> </valueHelp> <valueHelp> <format>u32:100-199</format> <description>IP extended access list</description> </valueHelp> <valueHelp> <format>u32:1300-1999</format> <description>IP standard access list (expanded range)</description> </valueHelp> <valueHelp> <format>u32:2000-2699</format> <description>IP extended access list (expanded range)</description> </valueHelp> </properties> <children> #include <include/policy/description.xml.i> <tagNode name="rule"> <properties> <help>Rule for this access-list</help> <valueHelp> <format>u32:1-65535</format> <description>Access-list rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> <children> #include <include/policy/action.xml.i> #include <include/policy/description.xml.i> <node name="destination"> <properties> <help>Destination network or address</help> </properties> <children> <leafNode name="any"> <properties> <help>Any IP address to match</help> <valueless/> </properties> </leafNode> #include <include/policy/host.xml.i> #include <include/policy/inverse-mask.xml.i> #include <include/policy/network.xml.i> </children> </node> <node name="source"> <properties> <help>Source network or address to match</help> </properties> <children> <leafNode name="any"> <properties> <help>Any IP address to match</help> <valueless/> </properties> </leafNode> #include <include/policy/host.xml.i> #include <include/policy/inverse-mask.xml.i> #include <include/policy/network.xml.i> </children> </node> </children> </tagNode> </children> </tagNode> <tagNode name="access-list6"> <properties> <help>IPv6 access-list filter</help> <valueHelp> <format>txt</format> <description>Name of IPv6 access-list</description> </valueHelp> </properties> <children> #include <include/policy/description.xml.i> <tagNode name="rule"> <properties> <help>Rule for this access-list6</help> <valueHelp> <format>u32:1-65535</format> <description>Access-list6 rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> <children> #include <include/policy/action.xml.i> #include <include/policy/description.xml.i> <node name="source"> <properties> <help>Source IPv6 network to match</help> </properties> <children> <leafNode name="any"> <properties> <help>Any IP address to match</help> <valueless/> </properties> </leafNode> <leafNode name="exact-match"> <properties> <help>Exact match of the network prefixes</help> <valueless/> </properties> </leafNode> <leafNode name="network"> <properties> <help>Network/netmask to match</help> <valueHelp> <format>ipv6net</format> <description>IPv6 address and prefix length</description> </valueHelp> <constraint> <validator name="ipv6-prefix"/> </constraint> </properties> </leafNode> </children> </node> </children> </tagNode> </children> </tagNode> <tagNode name="as-path-list"> <properties> <help>Border Gateway Protocol (BGP) autonomous system path filter</help> <valueHelp> <format>txt</format> <description>AS path list name</description> </valueHelp> </properties> <children> #include <include/policy/description.xml.i> <tagNode name="rule"> <properties> <help>Rule for this as-path-list</help> <valueHelp> <format>u32:1-65535</format> <description>AS path list rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> <children> #include <include/policy/action.xml.i> #include <include/policy/description.xml.i> <leafNode name="regex"> <properties> <help>Regular expression to match against an AS path</help> <valueHelp> <format>txt</format> <description>AS path regular expression (ex: "64501 64502")</description> </valueHelp> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <tagNode name="community-list"> <properties> <help>Border Gateway Protocol (BGP) autonomous system path filter</help> <valueHelp> <format>txt</format> <description>Border Gateway Protocol (BGP) community-list filter</description> </valueHelp> </properties> <children> #include <include/policy/description.xml.i> <tagNode name="rule"> <properties> <help>Rule for this BGP community list</help> <valueHelp> <format>u32:1-65535</format> <description>Community-list rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> <children> #include <include/policy/action.xml.i> #include <include/policy/description.xml.i> <leafNode name="regex"> <properties> <help>Regular expression to match against a community-list</help> <completionHelp> <list>local-AS no-advertise no-export internet additive</list> </completionHelp> <valueHelp> <format><aa:nn></format> <description>Community number in AA:NN format</description> </valueHelp> <valueHelp> <format>local-AS</format> <description>Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03</description> </valueHelp> <valueHelp> <format>no-advertise</format> <description>Well-known communities value NO_ADVERTISE 0xFFFFFF02</description> </valueHelp> <valueHelp> <format>no-export</format> <description>Well-known communities value NO_EXPORT 0xFFFFFF01</description> </valueHelp> <valueHelp> <format>internet</format> <description>Well-known communities value 0</description> </valueHelp> <valueHelp> <format>additive</format> <description>New value is appended to the existing value</description> </valueHelp> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <tagNode name="extcommunity-list"> <properties> <help>Border Gateway Protocol (BGP) extended community-list filter</help> <valueHelp> <format>txt</format> <description>Border Gateway Protocol (BGP) extended community-list filter</description> </valueHelp> </properties> <children> #include <include/policy/description.xml.i> <tagNode name="rule"> <properties> <help>Rule for this BGP extended community list</help> <valueHelp> <format>u32:1-65535</format> <description>Extended community-list rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> <children> #include <include/policy/action.xml.i> #include <include/policy/description.xml.i> <leafNode name="regex"> <properties> <help>Regular expression to match against an extended community list</help> <valueHelp> <format><aa:nn:nn></format> <description>Extended community list regular expression</description> </valueHelp> <valueHelp> <format><rt aa:nn:nn></format> <description>Route Target regular expression</description> </valueHelp> <valueHelp> <format><soo aa:nn:nn></format> <description>Site of Origin regular expression</description> </valueHelp> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <tagNode name="large-community-list"> <properties> <help>Border Gateway Protocol (BGP) large-community-list filter</help> <valueHelp> <format>txt</format> <description>Border Gateway Protocol (BGP) large-community-list filter</description> </valueHelp> </properties> <children> #include <include/policy/description.xml.i> <tagNode name="rule"> <properties> <help>Rule for this BGP extended community list</help> <valueHelp> <format>u32:1-65535</format> <description>Large community-list rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> <children> #include <include/policy/action.xml.i> #include <include/policy/description.xml.i> <leafNode name="regex"> <properties> <help>Regular expression to match against a large community list</help> <valueHelp> <format><aa:nn:nn></format> <description>Large Community value</description> </valueHelp> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <tagNode name="prefix-list"> <properties> <help>IP prefix-list filter</help> <valueHelp> <format>txt</format> <description>Name of IPv4 prefix-list</description> </valueHelp> <constraint> <regex>^[-_a-zA-Z0-9]+$</regex> </constraint> <constraintErrorMessage>Name of prefix-list can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage> </properties> <children> #include <include/policy/description.xml.i> <tagNode name="rule"> <properties> <help>Rule for this prefix-list</help> <valueHelp> <format>u32:1-65535</format> <description>Prefix-list rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> <children> #include <include/policy/action.xml.i> #include <include/policy/description.xml.i> <leafNode name="ge"> <properties> <help>Prefix length to match a netmask greater than or equal to it</help> <valueHelp> <format>u32:0-32</format> <description>Netmask greater than length</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-32"/> </constraint> </properties> </leafNode> <leafNode name="le"> <properties> <help>Prefix length to match a netmask less than or equal to it</help> <valueHelp> <format>u32:0-32</format> <description>Netmask less than length</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-32"/> </constraint> </properties> </leafNode> <leafNode name="prefix"> <properties> <help>Prefix to match</help> <valueHelp> <format>ipv4net</format> <description>Prefix to match against</description> </valueHelp> <constraint> <validator name="ip-prefix"/> </constraint> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <tagNode name="prefix-list6"> <properties> <help>IPv6 prefix-list filter</help> <valueHelp> <format>txt</format> <description>Name of IPv6 prefix-list</description> </valueHelp> <constraint> <regex>^[-_a-zA-Z0-9]+$</regex> </constraint> <constraintErrorMessage>Name of prefix-list6 can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage> </properties> <children> #include <include/policy/description.xml.i> <tagNode name="rule"> <properties> <help>Rule for this prefix-list6</help> <valueHelp> <format>u32:1-65535</format> <description>Prefix-list rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> <children> #include <include/policy/action.xml.i> #include <include/policy/description.xml.i> <leafNode name="ge"> <properties> <help>Prefix length to match a netmask greater than or equal to it</help> <valueHelp> <format>u32:0-128</format> <description>Netmask greater than length</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-128"/> </constraint> </properties> </leafNode> <leafNode name="le"> <properties> <help>Prefix length to match a netmask less than or equal to it</help> <valueHelp> <format>u32:0-128</format> <description>Netmask less than length</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-128"/> </constraint> </properties> </leafNode> <leafNode name="prefix"> <properties> <help>Prefix to match</help> <valueHelp> <format>ipv6net</format> <description>IPv6 prefix</description> </valueHelp> <constraint> <validator name="ipv6-prefix"/> </constraint> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <tagNode name="route-map"> <properties> <help>IP route-map</help> <valueHelp> <format>txt</format> <description>Route map name</description> </valueHelp> <constraint> <regex>^[-_a-zA-Z0-9.]+$</regex> </constraint> <constraintErrorMessage>Name of route-map can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage> </properties> <children> #include <include/policy/description.xml.i> <tagNode name="rule"> <properties> <help>Rule for this route-map</help> <valueHelp> <format>u32:1-65535</format> <description>Route-map rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> <children> #include <include/policy/action.xml.i> <leafNode name="call"> <properties> <help>Call another route-map on match</help> <valueHelp> <format>txt</format> <description>Route map name</description> </valueHelp> <completionHelp> <path>policy route-map</path> </completionHelp> </properties> </leafNode> <leafNode name="continue"> <properties> <help>Jump to a different rule in this route-map on a match</help> <valueHelp> <format>u32:1-65535</format> <description>Rule number</description> </valueHelp> </properties> </leafNode> #include <include/policy/description.xml.i> <node name="match"> <properties> <help>Route parameters to match</help> </properties> <children> <leafNode name="as-path"> <properties> <help>BGP as-path-list to match</help> <completionHelp> <path>policy as-path-list</path> </completionHelp> </properties> </leafNode> <node name="community"> <properties> <help>BGP community-list to match</help> </properties> <children> <leafNode name="community-list"> <properties> <help>BGP community-list to match</help> <completionHelp> <path>policy community-list</path> </completionHelp> </properties> </leafNode> <leafNode name="exact-match"> <properties> <help>Community-list to exactly match</help> <valueless/> </properties> </leafNode> </children> </node> <leafNode name="extcommunity"> <properties> <help>BGP extended community to match</help> <completionHelp> <path>policy extcommunity-list</path> </completionHelp> </properties> </leafNode> <leafNode name="interface"> <properties> <help>First hop interface of a route to match</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> </properties> </leafNode> <node name="ip"> <properties> <help>IP prefix parameters to match</help> </properties> <children> <node name="address"> <properties> <help>IP address of route to match</help> </properties> <children> <leafNode name="access-list"> <properties> <help>IP access-list to match</help> <valueHelp> <format>u32:1-99</format> <description>IP standard access list</description> </valueHelp> <valueHelp> <format>u32:100-199</format> <description>IP extended access list</description> </valueHelp> <valueHelp> <format>u32:1300-1999</format> <description>IP standard access list (expanded range)</description> </valueHelp> <valueHelp> <format>u32:2000-2699</format> <description>IP extended access list (expanded range)</description> </valueHelp> </properties> </leafNode> <leafNode name="prefix-list"> <properties> <help>IP prefix-list to match</help> <completionHelp> <path>policy prefix-list</path> </completionHelp> </properties> </leafNode> </children> </node> <!-- T3304 but it overwrite node nexthop <leafNode name="nexthop"> <properties> <help>IP next-hop of route to match</help> <valueHelp> <format>ipv4</format> <description>Next-hop IPv4 router address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> --> <node name="nexthop"> <properties> <help>IP next-hop of route to match</help> <valueHelp> <format>ipv4</format> <description>Next-hop IPv4 router address</description> </valueHelp> </properties> <children> <leafNode name="access-list"> <properties> <help>IP access-list to match</help> <valueHelp> <format>u32:1-99</format> <description>IP standard access list</description> </valueHelp> <valueHelp> <format>u32:100-199</format> <description>IP extended access list</description> </valueHelp> <valueHelp> <format>u32:1300-1999</format> <description>IP standard access list (expanded range)</description> </valueHelp> <valueHelp> <format>u32:2000-2699</format> <description>IP extended access list (expanded range)</description> </valueHelp> </properties> </leafNode> <leafNode name="prefix-list"> <properties> <help>IP prefix-list to match</help> <completionHelp> <path>policy prefix-list</path> </completionHelp> </properties> </leafNode> </children> </node> <node name="route-source"> <properties> <help>test</help> </properties> <children> <leafNode name="access-list"> <properties> <help>IP access-list to match</help> <valueHelp> <format>u32:1-99</format> <description>IP standard access list</description> </valueHelp> <valueHelp> <format>u32:100-199</format> <description>IP extended access list</description> </valueHelp> <valueHelp> <format>u32:1300-1999</format> <description>IP standard access list (expanded range)</description> </valueHelp> <valueHelp> <format>u32:2000-2699</format> <description>IP extended access list (expanded range)</description> </valueHelp> </properties> </leafNode> <leafNode name="prefix-list"> <properties> <help>IP prefix-list to match</help> <completionHelp> <path>policy prefix-list</path> </completionHelp> </properties> </leafNode> </children> </node> </children> </node> <node name="ipv6"> <properties> <help>IPv6 prefix parameters to match</help> </properties> <children> <node name="address"> <properties> <help>IPv6 address of route to match</help> </properties> <children> <leafNode name="access-list"> <properties> <help>IPv6 access-list to match</help> <valueHelp> <format>txt</format> <description>IPV6 access list name</description> </valueHelp> <completionHelp> <path>policy access-list6</path> </completionHelp> </properties> </leafNode> <leafNode name="prefix-list"> <properties> <help>IPv6 prefix-list to match</help> <completionHelp> <path>policy prefix-list6</path> </completionHelp> </properties> </leafNode> </children> </node> <leafNode name="nexthop"> <properties> <help>IPv6 next-hop of route to match</help> <valueHelp> <format>ipv6</format> <description>Nexthop IPv6 address</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> </children> </node> <node name="large-community"> <properties> <help>Match BGP large communities</help> </properties> <children> <leafNode name="large-community-list"> <properties> <help>BGP large-community-list to match</help> <completionHelp> <path>policy large-community-list</path> </completionHelp> </properties> </leafNode> </children> </node> <leafNode name="local-preference"> <properties> <help>local-preference_help</help> <valueHelp> <format>u32:0-4294967295</format> <description>Local Preference</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-4294967295"/> </constraint> </properties> </leafNode> <leafNode name="metric"> <properties> <help>Metric of route to match</help> <valueHelp> <format>u32:1-65535</format> <description>Route metric</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="origin"> <properties> <help>Border Gateway Protocol (BGP) origin code to match</help> <completionHelp> <list>egp igp incomplete</list> </completionHelp> <valueHelp> <format>egp</format> <description>Exterior gateway protocol origin</description> </valueHelp> <valueHelp> <format>igp</format> <description>Interior gateway protocol origin</description> </valueHelp> <valueHelp> <format>incomplete</format> <description>Incomplete origin</description> </valueHelp> <constraint> <regex>^(egp|igp|incomplete)$</regex> </constraint> </properties> </leafNode> <leafNode name="peer"> <properties> <help>Peer address to match</help> <valueHelp> <format>ipv4</format> <description>Peer IP address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="rpki"> <properties> <help>Match RPKI validation result</help> <completionHelp> <list>invalid notfound valid</list> </completionHelp> <valueHelp> <format>invalid</format> <description>Match invalid entries</description> </valueHelp> <valueHelp> <format>notfound</format> <description>Match notfound entries</description> </valueHelp> <valueHelp> <format>valid</format> <description>Match valid entries</description> </valueHelp> <constraint> <regex>^(invalid|notfound|valid)$</regex> </constraint> </properties> </leafNode> <leafNode name="tag"> <properties> <help>Route tag to match</help> <valueHelp> <format>u32:1-65535</format> <description>Route tag</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> </children> </node> <node name="on-match"> <properties> <help>Exit policy on matches</help> </properties> <children> <leafNode name="goto"> <properties> <help>Rule number to goto on match</help> <valueHelp> <format>u32:1-65535</format> <description>Rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="next"> <properties> <help>Next sequence number to goto on match</help> <valueless/> </properties> </leafNode> </children> </node> <node name="set"> <properties> <help>Route parameters</help> </properties> <children> <node name="aggregator"> <properties> <help>Border Gateway Protocol (BGP) aggregator attribute</help> </properties> <children> <leafNode name="as"> <properties> <help>AS number of an aggregation</help> <valueHelp> <format>u32:1-4294967295</format> <description>Rule number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-4294967295"/> </constraint> </properties> </leafNode> <leafNode name="ip"> <properties> <help>IP address of an aggregation</help> <valueHelp> <format>ipv4</format> <description>IP address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </node> <leafNode name="as-path-exclude"> <properties> <help>Remove ASN(s) from a Border Gateway Protocol (BGP) AS-path attribute</help> <valueHelp> <format>txt</format> <description>BGP AS path exclude string (ex: "456 64500 45001")</description> </valueHelp> </properties> </leafNode> <leafNode name="as-path-prepend"> <properties> <help>Prepend string for a Border Gateway Protocol (BGP) AS-path attribute</help> <valueHelp> <format>txt</format> <description>BGP AS path prepend string (ex: "64501 64501")</description> </valueHelp> </properties> </leafNode> <leafNode name="atomic-aggregate"> <properties> <help>Border Gateway Protocol (BGP) atomic aggregate attribute</help> <valueless/> </properties> </leafNode> <leafNode name="bgp-extcommunity-rt"> <properties> <help>Set route target value</help> <valueHelp> <format><aa:nn></format> <description>ExtCommunity in format: asn:value</description> </valueHelp> </properties> </leafNode> <node name="comm-list"> <properties> <help>Border Gateway Protocol (BGP) communities matching a community-list</help> </properties> <children> <leafNode name="comm-list"> <properties> <help>BGP communities with a community-list</help> <completionHelp> <path>policy community-list</path> </completionHelp> <valueHelp> <format>txt</format> <description>BGP communities with a community-list</description> </valueHelp> </properties> </leafNode> <leafNode name="delete"> <properties> <help>Delete BGP communities matching the community-list</help> <valueless/> </properties> </leafNode> </children> </node> <leafNode name="community"> <properties> <help>Border Gateway Protocl (BGP) community attribute</help> <completionHelp> <list>local-AS no-advertise no-export internet additive none</list> </completionHelp> <valueHelp> <format><aa:nn></format> <description>Community number in AA:NN format</description> </valueHelp> <valueHelp> <format>local-AS</format> <description>Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03</description> </valueHelp> <valueHelp> <format>no-advertise</format> <description>Well-known communities value NO_ADVERTISE 0xFFFFFF02</description> </valueHelp> <valueHelp> <format>no-export</format> <description>Well-known communities value NO_EXPORT 0xFFFFFF01</description> </valueHelp> <valueHelp> <format>internet</format> <description>Well-known communities value 0</description> </valueHelp> <valueHelp> <format>additive</format> <description>New value is appended to the existing value</description> </valueHelp> <valueHelp> <format>none</format> <description>No community attribute</description> </valueHelp> </properties> </leafNode> <leafNode name="distance"> <properties> <help>Locally significant administrative distance</help> <valueHelp> <format>u32:0-255</format> <description>Distance value</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-255"/> </constraint> </properties> </leafNode> <leafNode name="extcommunity-rt"> <properties> <help>Set route target value</help> <valueHelp> <format>txt</format> <description>ASN:nn_or_IP_address:nn VPN extended community</description> </valueHelp> </properties> </leafNode> <leafNode name="extcommunity-soo"> <properties> <help>Set Site of Origin value</help> <valueHelp> <format>txt</format> <description>ASN:nn_or_IP_address:nn VPN extended community</description> </valueHelp> </properties> </leafNode> <leafNode name="ip-next-hop"> <properties> <help>Nexthop IP address</help> <valueHelp> <format>ipv4</format> <description>IP address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <node name="ipv6-next-hop"> <properties> <help>Nexthop IPv6 address</help> </properties> <children> <leafNode name="global"> <properties> <help>Nexthop IPv6 global address</help> <valueHelp> <format>ipv6</format> <description>IPv6 address and prefix length</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> <leafNode name="local"> <properties> <help>Nexthop IPv6 local address</help> <valueHelp> <format>ipv6</format> <description>IPv6 address and prefix length</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> + <leafNode name="prefer-global"> + <properties> + <help>Prefer global address as the nexthop</help> + <valueless/> + </properties> + </leafNode> </children> </node> <leafNode name="large-community"> <properties> <help>Set BGP large community value</help> <valueHelp> <format>txt</format> <description>ASN:nn:mm BGP large community</description> </valueHelp> <completionHelp> <path>policy large-community-list</path> </completionHelp> </properties> </leafNode> <leafNode name="local-preference"> <properties> <help>Border Gateway Protocol (BGP) local preference attribute</help> <valueHelp> <format>u32:0-4294967295</format> <description>Local preference value</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-4294967295"/> </constraint> </properties> </leafNode> <leafNode name="metric"> <properties> <help>Destination routing protocol metric</help> <valueHelp> <format><+/-metric></format> <description>Add or subtract metric</description> </valueHelp> <valueHelp> <format>u32:0-4294967295</format> <description>Metric value</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-4294967295"/> </constraint> </properties> </leafNode> <leafNode name="metric-type"> <properties> <help>Open Shortest Path First (OSPF) external metric-type</help> <completionHelp> <list>type-1 type-2</list> </completionHelp> <valueHelp> <format>type-1</format> <description>OSPF external type 1 metric</description> </valueHelp> <valueHelp> <format>type-2</format> <description>OSPF external type 2 metric</description> </valueHelp> <constraint> <regex>^(type-1|type-2)$</regex> </constraint> </properties> </leafNode> <leafNode name="origin"> <properties> <help>Border Gateway Protocl (BGP) origin code</help> <completionHelp> <list>igp egp incomplete</list> </completionHelp> <valueHelp> <format>igp</format> <description>Interior gateway protocol origin</description> </valueHelp> <valueHelp> <format>egp</format> <description>Exterior gateway protocol origin</description> </valueHelp> <valueHelp> <format>incomplete</format> <description>Incomplete origin</description> </valueHelp> <constraint> <regex>^(igp|egp|incomplete)$</regex> </constraint> </properties> </leafNode> <leafNode name="originator-id"> <properties> <help>Border Gateway Protocol (BGP) originator ID attribute</help> <valueHelp> <format>ipv4</format> <description>Orignator IP address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="src"> <properties> <help>Source address for route</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> </valueHelp> <valueHelp> <format>ipv6</format> <description>IPv6 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> <leafNode name="table"> <properties> <help>Set prefixes to table</help> <valueHelp> <format>u32:1-200</format> <description>Table value</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-200"/> </constraint> </properties> </leafNode> <leafNode name="tag"> <properties> <help>Tag value for routing protocol</help> <valueHelp> <format>u32:1-65535</format> <description>Tag value</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="weight"> <properties> <help>Border Gateway Protocol (BGP) weight attribute</help> <valueHelp> <format>u32:0-4294967295</format> <description>BGP weight</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-4294967295"/> </constraint> </properties> </leafNode> </children> </node> </children> </tagNode> </children> </tagNode> </children> </node> </interfaceDefinition>