diff --git a/python/vyos/frr.py b/python/vyos/frr.py
index 668489636..de3dbe6e9 100644
--- a/python/vyos/frr.py
+++ b/python/vyos/frr.py
@@ -1,528 +1,515 @@
 # Copyright 2020 VyOS maintainers and contributors <maintainers@vyos.io>
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
 # License as published by the Free Software Foundation; either
 # version 2.1 of the License, or (at your option) any later version.
 #
 # This library is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 # Lesser General Public License for more details.
 #
 # You should have received a copy of the GNU Lesser General Public License
 # along with this library.  If not, see <http://www.gnu.org/licenses/>.
 
 r"""
 A Library for interracting with the FRR daemon suite.
 It supports simple configuration manipulation and loading using the official tools
 supplied with FRR (vtysh and frr-reload)
 
 All configuration management and manipulation is done using strings and regex.
 
 
 Example Usage
 #####
 
 # Reading configuration from frr:
 ```
 >>> original_config = get_configuration()
 >>> repr(original_config)
 '!\nfrr version 7.3.1\nfrr defaults traditional\nhostname debian\n......
 ```
 
 
 # Modify a configuration section:
 ```
 >>> new_bgp_section = 'router bgp 65000\n neighbor 192.0.2.1 remote-as 65000\n'
 >>> modified_config = replace_section(original_config, new_bgp_section, replace_re=r'router bgp \d+')
 >>> repr(modified_config)
 '............router bgp 65000\n neighbor 192.0.2.1 remote-as 65000\n...........'
 ```
 
 Remove a configuration section:
 ```
 >>> modified_config = remove_section(original_config, r'router ospf')
 ```
 
 Test the new configuration:
 ```
 >>> try:
 >>>     mark_configuration(modified configuration)
 >>> except ConfigurationNotValid as e:
 >>>     print('resulting configuration is not valid')
 >>>     sys.exit(1)
 ```
 
 Apply the new configuration:
 ```
 >>> try:
 >>>     replace_configuration(modified_config)
 >>> except CommitError as e:
 >>>     print('Exception while commiting the supplied configuration')
 >>>     print(e)
 >>>     exit(1)
 ```
 """
 
 import tempfile
 import re
 from vyos import util
 from vyos.util import chown
+from vyos.util import cmd
 import logging
 from logging.handlers import SysLogHandler
 import os
 LOG = logging.getLogger(__name__)
 
 DEBUG = os.path.exists('/tmp/vyos.frr.debug')
 if DEBUG:
     LOG.setLevel(logging.DEBUG)
     ch = SysLogHandler(address='/dev/log')
     ch2 = logging.StreamHandler()
     LOG.addHandler(ch)
     LOG.addHandler(ch2)
 
 _frr_daemons = ['zebra', 'bgpd', 'fabricd', 'isisd', 'ospf6d', 'ospfd', 'pbrd',
                 'pimd', 'ripd', 'ripngd', 'sharpd', 'staticd', 'vrrpd', 'ldpd']
 
 path_vtysh = '/usr/bin/vtysh'
 path_frr_reload = '/usr/lib/frr/frr-reload.py'
 path_config = '/run/frr'
 
 
 class FrrError(Exception):
     pass
 
 
 class ConfigurationNotValid(FrrError):
     """
     The configuratioin supplied to vtysh is not valid
     """
     pass
 
 
 class CommitError(FrrError):
     """
     Commiting the supplied configuration failed to commit by a unknown reason
     see commit error and/or run mark_configuration on the specified configuration
     to se error generated
 
     used by: reload_configuration()
     """
     pass
 
 
 class ConfigSectionNotFound(FrrError):
     """
     Removal of configuration failed because it is not existing in the supplied configuration
     """
     pass
 
 
 def get_configuration(daemon=None, marked=False):
     """ Get current running FRR configuration
     daemon:  Collect only configuration for the specified FRR daemon,
              supplying daemon=None retrieves the complete configuration
     marked:  Mark the configuration with "end" tags
 
     return:  string containing the running configuration from frr
 
     """
     if daemon and daemon not in _frr_daemons:
         raise ValueError(f'The specified daemon type is not supported {repr(daemon)}')
 
     cmd = f"{path_vtysh} -c 'show run'"
     if daemon:
         cmd += f' -d {daemon}'
 
     output, code = util.popen(cmd, stderr=util.STDOUT)
     if code:
         raise OSError(code, output)
 
     config = output.replace('\r', '')
     # Remove first header lines from FRR config
     config = config.split("\n", 3)[-1]
     # Mark the configuration with end tags
     if marked:
         config = mark_configuration(config)
 
     return config
 
 
 def mark_configuration(config):
     """ Add end marks and Test the configuration for syntax faults
     If the configuration is valid a marked version of the configuration is returned,
     or else it failes with a ConfigurationNotValid Exception
 
     config:  The configuration string to mark/test
     return:  The marked configuration from FRR
     """
     output, code = util.popen(f"{path_vtysh} -m -f -", stderr=util.STDOUT, input=config)
 
     if code == 2:
         raise ConfigurationNotValid(str(output))
     elif code:
         raise OSError(code, output)
 
     config = output.replace('\r', '')
     return config
 
 
 def reload_configuration(config, daemon=None):
     """ Execute frr-reload with the new configuration
     This will try to reapply the supplied configuration inside FRR.
     The configuration needs to be a complete configuration from the integrated config or
     from a daemon.
 
     config:  The configuration to apply
     daemon:  Apply the conigutaion to the specified FRR daemon,
              supplying daemon=None applies to the integrated configuration
     return:  None
     """
     if daemon and daemon not in _frr_daemons:
         raise ValueError(f'The specified daemon type is not supported {repr(daemon)}')
 
     f = tempfile.NamedTemporaryFile('w')
     f.write(config)
     f.flush()
 
     LOG.debug(f'reload_configuration: Reloading config using temporary file: {f.name}')
     cmd = f'{path_frr_reload} --reload'
     if daemon:
         cmd += f' --daemon {daemon}'
 
     if DEBUG:
         cmd += f' --debug --stdout'
 
     cmd += f' {f.name}'
 
     LOG.debug(f'reload_configuration: Executing command against frr-reload: "{cmd}"')
     output, code = util.popen(cmd, stderr=util.STDOUT)
     f.close()
     for i, e in enumerate(output.split('\n')):
         LOG.debug(f'frr-reload output: {i:3} {e}')
     if code == 1:
         raise CommitError(f'Configuration FRR failed while commiting code, please enabling debugging to examine logs')
     elif code:
         raise OSError(code, output)
 
     return output
 
 
-def save_configuration(daemon=None):
-    """Save FRR configuration to /run/frr/{daemon}.conf
-       It save configuration on each commit.
+def save_configuration():
+    """Save FRR configuration to /run/frr/config/frr.conf
+       It save configuration on each commit. T3217
     """
-    if daemon and daemon not in _frr_daemons:
-        raise ValueError(f'The specified daemon type is not supported {repr(daemon)}')
-
-    cmd = f"{path_vtysh} -d {daemon} -c 'show run no-header'"
-    output, code = util.popen(cmd, stderr=util.STDOUT)
-    if code:
-        raise OSError(code, output)
 
-    daemon_conf = f'{path_config}/{daemon}.conf'
+    cmd(f'{path_vtysh} -n -w')
 
-    with open(daemon_conf, "w") as f:
-        f.write(output)
-    # Set permissions (frr:frr) for /run/frr/{daemon}.conf
-    if os.path.exists(daemon_conf):
-        chown(daemon_conf, 'frr', 'frr')
-    config = output
-
-    return config
+    return
 
 
 def execute(command):
     """ Run commands inside vtysh
     command:  str containing commands to execute inside a vtysh session
     """
     if not isinstance(command, str):
         raise ValueError(f'command needs to be a string: {repr(command)}')
 
     cmd = f"{path_vtysh} -c '{command}'"
 
     output, code = util.popen(cmd, stderr=util.STDOUT)
     if code:
         raise OSError(code, output)
 
     config = output.replace('\r', '')
     return config
 
 
 def configure(lines, daemon=False):
     """ run commands inside config mode vtysh
     lines:  list or str conaining commands to execute inside a configure session
             only one command executed on each configure()
             Executing commands inside a subcontext uses the list to describe the context
             ex: ['router bgp 6500', 'neighbor 192.0.2.1 remote-as 65000']
     return: None
     """
     if isinstance(lines, str):
         lines = [lines]
     elif not isinstance(lines, list):
         raise ValueError('lines needs to be string or list of commands')
 
     if daemon and daemon not in _frr_daemons:
         raise ValueError(f'The specified daemon type is not supported {repr(daemon)}')
 
     cmd = f'{path_vtysh}'
     if daemon:
         cmd += f' -d {daemon}'
 
     cmd += " -c 'configure terminal'"
     for x in lines:
         cmd += f" -c '{x}'"
 
     output, code = util.popen(cmd, stderr=util.STDOUT)
     if code == 1:
         raise ConfigurationNotValid(f'Configuration FRR failed: {repr(output)}')
     elif code:
         raise OSError(code, output)
 
     config = output.replace('\r', '')
     return config
 
 
 def _replace_section(config, replacement, replace_re, before_re):
     r"""Replace a section of FRR config
     config:      full original configuration
     replacement: replacement configuration section
     replace_re:  The regex to replace
                  example: ^router bgp \d+$.?*^!$
                  this will replace everything between ^router bgp X$ and ^!$
     before_re:   When replace_re is not existant, the config will be added before this tag
                  example: ^line vty$
 
     return:      modified configuration as a text file
     """
     # DEPRECATED, this is replaced by a new implementation
     # Check if block is configured, remove the existing instance else add a new one
     if re.findall(replace_re, config, flags=re.MULTILINE | re.DOTALL):
         # Section is in the configration, replace it
         return re.sub(replace_re, replacement, config, count=1,
                       flags=re.MULTILINE | re.DOTALL)
     if before_re:
         if not re.findall(before_re, config, flags=re.MULTILINE | re.DOTALL):
             raise ConfigSectionNotFound(f"Config section {before_re} not found in config")
 
         # If no section is in the configuration, add it before the line vty line
         return re.sub(before_re, rf'{replacement}\n\g<1>', config, count=1,
                       flags=re.MULTILINE | re.DOTALL)
 
     raise ConfigSectionNotFound(f"Config section {replacement} not found in config")
 
 
 def replace_section(config, replacement, from_re, to_re=r'!', before_re=r'line vty'):
     r"""Replace a section of FRR config
     config:      full original configuration
     replacement: replacement configuration section
     from_re:     Regex for the start of section matching
                  example: 'router bgp \d+'
     to_re:       Regex for stop of section matching
                  default: '!'
                  example: '!'  or  'end'
     before_re:   When from_re/to_re  does not return a match, the config will
                  be added before this tag
                  default: ^line vty$
 
     startline and endline tags will be automatically added to the resulting from_re/to_re and before_re regex'es
     """
     # DEPRECATED, this is replaced by a new implementation
     return _replace_section(config, replacement, replace_re=rf'^{from_re}$.*?^{to_re}$', before_re=rf'^({before_re})$')
 
 
 def remove_section(config, from_re, to_re='!'):
     # DEPRECATED, this is replaced by a new implementation
     return _replace_section(config, '', replace_re=rf'^{from_re}$.*?^{to_re}$', before_re=None)
 
 
 def _find_first_block(config, start_pattern, stop_pattern, start_at=0):
     '''Find start and stop line numbers for a config block
     config:        (list) A list conaining the configuration that is searched
     start_pattern: (raw-str) The pattern searched for a a start of block tag
     stop_pattern:  (raw-str) The pattern searched for to signify the end of the block
     start_at:      (int) The index to start searching at in the <config>
 
     Returns:
         None: No complete block could be found
         set(int, int): A complete block found between the line numbers returned in the set
 
     The object <config> is searched from the start for the regex <start_pattern> until the first match is found.
     On a successful match it continues the search for the regex <stop_pattern> until it is found.
     After a successful run a set is returned containing the start and stop line numbers.
     '''
     LOG.debug(f'_find_first_block: find start={repr(start_pattern)} stop={repr(stop_pattern)} start_at={start_at}')
     _start = None
     for i, element in enumerate(config[start_at:], start=start_at):
         # LOG.debug(f'_find_first_block: running line {i:3} "{element}"')
         if not _start:
             if not re.match(start_pattern, element):
                 LOG.debug(f'_find_first_block: no match     {i:3} "{element}"')
                 continue
             _start = i
             LOG.debug(f'_find_first_block: Found start  {i:3} "{element}"')
             continue
 
         if not re.match(stop_pattern, element):
             LOG.debug(f'_find_first_block: no match     {i:3} "{element}"')
             continue
 
         LOG.debug(f'_find_first_block: Found stop   {i:3} "{element}"')
         return (_start, i)
 
     LOG.debug('_find_first_block: exit start={repr(start_pattern)} stop={repr(stop_pattern)} start_at={start_at}')
     return None
 
 
 def _find_first_element(config, pattern, start_at=0):
     '''Find the first element that matches the current pattern in config
     config:        (list) A list containing the configuration that is searched
     start_pattern: (raw-str) The pattern searched for
     start_at:      (int) The index to start searching at in the <config>
 
     return:   Line index of the line containing the searched pattern
 
     TODO: for now it returns -1 on a no-match because 0 also returns as False
     TODO: that means that we can not use False matching to tell if its
     '''
     LOG.debug(f'_find_first_element: find start="{pattern}" start_at={start_at}')
     for i, element in enumerate(config[start_at:], start=0):
         if re.match(pattern + '$', element):
             LOG.debug(f'_find_first_element: Found stop {i:3} "{element}"')
             return i
         LOG.debug(f'_find_first_element: no match   {i:3} "{element}"')
     LOG.debug(f'_find_first_element: Did not find any match, exiting')
     return -1
 
 
 def _find_elements(config, pattern, start_at=0):
     '''Find all instances of pattern and return a list containing all element indexes
     config:        (list) A list containing the configuration that is searched
     start_pattern: (raw-str) The pattern searched for
     start_at:      (int) The index to start searching at in the <config>
 
     return:    A list of line indexes containing the searched pattern
     TODO: refactor this to return a generator instead
     '''
     return [i for i, element in enumerate(config[start_at:], start=0) if re.match(pattern + '$', element)]
 
 
 class FRRConfig:
     '''Main FRR Configuration manipulation object
     Using this object the user could load, manipulate and commit the configuration to FRR
     '''
     def __init__(self, config=[]):
         self.imported_config = ''
 
         if isinstance(config, list):
             self.config = config.copy()
             self.original_config = config.copy()
         elif isinstance(config, str):
             self.config = config.split('\n')
             self.original_config = self.config.copy()
         else:
             raise ValueError(
                 'The config element needs to be a string or list type object')
 
         if config:
             LOG.debug(f'__init__: frr library initiated with initial config')
             for i, e in enumerate(self.config):
                 LOG.debug(f'__init__: initial              {i:3} {e}')
 
     def load_configuration(self, daemon=None):
         '''Load the running configuration from FRR into the config object
         daemon: str with name of the FRR Daemon to load configuration from or
                 None to load the consolidated config
 
         Using this overwrites the current loaded config objects and replaces the original loaded config
         '''
         self.imported_config = get_configuration(daemon=daemon)
         if daemon:
             LOG.debug(f'load_configuration: Configuration loaded from FRR daemon {daemon}')
         else:
             LOG.debug(f'load_configuration: Configuration loaded from FRR integrated config')
 
         self.original_config = self.imported_config.split('\n')
         self.config = self.original_config.copy()
 
         for i, e in enumerate(self.imported_config.split('\n')):
             LOG.debug(f'load_configuration:  loaded    {i:3} {e}')
         return
 
     def test_configuration(self):
         '''Test the current configuration against FRR
         This will exception if FRR failes to load the current configuration object
         '''
         LOG.debug('test_configation: Testing configuration')
         mark_configuration('\n'.join(self.config))
 
     def commit_configuration(self, daemon=None):
         '''Commit the current configuration to FRR
            daemon: str with name of the FRR daemon to commit to or
                    None to use the consolidated config
         '''
         LOG.debug('commit_configuration:  Commiting configuration')
         for i, e in enumerate(self.config):
             LOG.debug(f'commit_configuration: new_config {i:3} {e}')
         reload_configuration('\n'.join(self.config), daemon=daemon)
 
     def modify_section(self, start_pattern, replacement=[], stop_pattern=r'\S+', remove_stop_mark=False, count=0):
         if isinstance(replacement, str):
             replacement = replacement.split('\n')
         elif not isinstance(replacement, list):
             return ValueError("The replacement element needs to be a string or list type object")
         LOG.debug(f'modify_section: starting search for {repr(start_pattern)} until {repr(stop_pattern)}')
 
         _count = 0
         _next_start = 0
         while True:
             if count and count <= _count:
                 # Break out of the loop after specified amount of matches
                 LOG.debug(f'modify_section: reached limit ({_count}), exiting loop at line {_next_start}')
                 break
             # While searching, always assume that the user wants to search for the exact pattern he entered
             # To be more specific the user needs a override, eg. a "pattern.*"
             _w = _find_first_block(
                 self.config, start_pattern+'$', stop_pattern, start_at=_next_start)
             if not _w:
                 # Reached the end, no more elements to remove
                 LOG.debug(f'modify_section: No more config sections found, exiting')
                 break
             start_element, end_element = _w
             LOG.debug(f'modify_section:   found match between {start_element} and {end_element}')
             for i, e in enumerate(self.config[start_element:end_element+1 if remove_stop_mark else end_element],
                                   start=start_element):
                 LOG.debug(f'modify_section:   remove       {i:3} {e}')
             del self.config[start_element:end_element +
                             1 if remove_stop_mark else end_element]
             if replacement:
                 # Append the replacement config at the current position
                 for i, e in enumerate(replacement, start=start_element):
                     LOG.debug(f'modify_section:   add          {i:3} {e}')
                 self.config[start_element:start_element] = replacement
             _count += 1
             _next_start = start_element + len(replacement)
 
         return _count
 
     def add_before(self, before_pattern, addition):
         '''Add config block before this element in the configuration'''
         if isinstance(addition, str):
             addition = addition.split('\n')
         elif not isinstance(addition, list):
             return ValueError("The replacement element needs to be a string or list type object")
 
         start = _find_first_element(self.config, before_pattern)
         if start < 0:
             return False
         for i, e in enumerate(addition, start=start):
             LOG.debug(f'add_before:   add          {i:3} {e}')
         self.config[start:start] = addition
         return True
 
     def __str__(self):
         return '\n'.join(self.config)
 
     def __repr__(self):
         return f'frr({repr(str(self))})'
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index 6770865ff..73cfa9b83 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -1,229 +1,229 @@
 #!/usr/bin/env python3
 #
 # Copyright (C) 2020-2021 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
 # published by the Free Software Foundation.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
 
 from sys import exit
 from sys import argv
 
 from vyos.config import Config
 from vyos.configdict import dict_merge
 from vyos.template import is_ip
 from vyos.template import render_to_string
 from vyos.util import call
 from vyos.util import dict_search
 from vyos.validate import is_addr_assigned
 from vyos import ConfigError
 from vyos import frr
 from vyos import airbag
 airbag.enable()
 
 frr_daemon = 'bgpd'
 
 def get_config(config=None):
     if config:
         conf = config
     else:
         conf = Config()
 
     vrf = None
     if len(argv) > 1:
         vrf = argv[1]
 
     base_path = ['protocols', 'bgp']
 
     # eqivalent of the C foo ? 'a' : 'b' statement
     base = vrf and ['vrf', 'name', vrf, 'protocols', 'bgp'] or base_path
     bgp = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
 
     # Assign the name of our VRF context. This MUST be done before the return
     # statement below, else on deletion we will delete the default instance
     # instead of the VRF instance.
     if vrf: bgp.update({'vrf' : vrf})
 
     if not conf.exists(base):
         bgp.update({'deleted' : ''})
         return bgp
 
     # We also need some additional information from the config,
     # prefix-lists and route-maps for instance.
     base = ['policy']
     tmp = conf.get_config_dict(base, key_mangling=('-', '_'))
     # Merge policy dict into bgp dict
     bgp = dict_merge(tmp, bgp)
 
     return bgp
 
 def verify_remote_as(peer_config, bgp_config):
     if 'remote_as' in peer_config:
         return peer_config['remote_as']
 
     if 'peer_group' in peer_config:
         peer_group_name = peer_config['peer_group']
         tmp = dict_search(f'peer_group.{peer_group_name}.remote_as', bgp_config)
         if tmp: return tmp
 
     if 'interface' in peer_config:
         if 'remote_as' in peer_config['interface']:
             return peer_config['interface']['remote_as']
 
         if 'peer_group' in peer_config['interface']:
             peer_group_name = peer_config['interface']['peer_group']
             tmp = dict_search(f'peer_group.{peer_group_name}.remote_as', bgp_config)
             if tmp: return tmp
 
     return None
 
 def verify(bgp):
     if not bgp or 'deleted' in bgp:
         return None
 
     if 'local_as' not in bgp:
         raise ConfigError('BGP local-as number must be defined!')
 
     # Common verification for both peer-group and neighbor statements
     for neighbor in ['neighbor', 'peer_group']:
         # bail out early if there is no neighbor or peer-group statement
         # this also saves one indention level
         if neighbor not in bgp:
             continue
 
         for peer, peer_config in bgp[neighbor].items():
             # Only regular "neighbor" statement can have a peer-group set
             # Check if the configure peer-group exists
             if 'peer_group' in peer_config:
                 peer_group = peer_config['peer_group']
                 if 'peer_group' not in bgp or peer_group not in bgp['peer_group']:
                     raise ConfigError(f'Specified peer-group "{peer_group}" for '\
                                       f'neighbor "{neighbor}" does not exist!')
 
             # ttl-security and ebgp-multihop can't be used in the same configration
             if 'ebgp_multihop' in peer_config and 'ttl_security' in peer_config:
                 raise ConfigError('You can\'t set both ebgp-multihop and ttl-security hops')
 
             # Check spaces in the password
             if 'password' in peer_config and ' ' in peer_config['password']:
                 raise ConfigError('You can\'t use spaces in the password')
 
             # Some checks can/must only be done on a neighbor and not a peer-group
             if neighbor == 'neighbor':
                 # remote-as must be either set explicitly for the neighbor
                 # or for the entire peer-group
                 if not verify_remote_as(peer_config, bgp):
                     raise ConfigError(f'Neighbor "{peer}" remote-as must be set!')
 
                 # Only checks for ipv4 and ipv6 neighbors
                 # Check if neighbor address is assigned as system interface address
                 if is_ip(peer) and is_addr_assigned(peer):
                     raise ConfigError(f'Can\'t configure local address as neighbor "{peer}"')
 
             for afi in ['ipv4_unicast', 'ipv6_unicast', 'l2vpn_evpn']:
                 # Bail out early if address family is not configured
                 if 'address_family' not in peer_config or afi not in peer_config['address_family']:
                     continue
 
                 afi_config = peer_config['address_family'][afi]
                 # Validate if configured Prefix list exists
                 if 'prefix_list' in afi_config:
                     for tmp in ['import', 'export']:
                         if tmp not in afi_config['prefix_list']:
                             # bail out early
                             continue
                         # get_config_dict() mangles all '-' characters to '_' this is legitimate, thus all our
                         # compares will run on '_' as also '_' is a valid name for a prefix-list
                         prefix_list = afi_config['prefix_list'][tmp].replace('-', '_')
                         if afi == 'ipv4_unicast':
                             if dict_search(f'policy.prefix_list.{prefix_list}', bgp) == None:
                                 raise ConfigError(f'prefix-list "{prefix_list}" used for "{tmp}" does not exist!')
                         elif afi == 'ipv6_unicast':
                             if dict_search(f'policy.prefix_list6.{prefix_list}', bgp) == None:
                                 raise ConfigError(f'prefix-list6 "{prefix_list}" used for "{tmp}" does not exist!')
 
                 if 'route_map' in afi_config:
                     for tmp in ['import', 'export']:
                         if tmp in afi_config['route_map']:
                             # get_config_dict() mangles all '-' characters to '_' this is legitim, thus all our
                             # compares will run on '_' as also '_' is a valid name for a route-map
                             route_map = afi_config['route_map'][tmp].replace('-', '_')
                             if dict_search(f'policy.route_map.{route_map}', bgp) == None:
                                 raise ConfigError(f'route-map "{route_map}" used for "{tmp}" does not exist!')
 
                 if 'route_reflector_client' in afi_config:
                     if 'remote_as' in peer_config and bgp['local_as'] != peer_config['remote_as']:
                         raise ConfigError('route-reflector-client only supported for iBGP peers')
                     else:
                         if 'peer_group' in peer_config:
                             peer_group_as = dict_search(f'peer_group.{peer_group}.remote_as', bgp)
                             if peer_group_as != None and peer_group_as != bgp['local_as']:
                                 raise ConfigError('route-reflector-client only supported for iBGP peers')
 
     # Throw an error if a peer group is not configured for allow range
     for prefix in dict_search('listen.range', bgp) or []:
         # we can not use dict_search() here as prefix contains dots ...
         if 'peer_group' not in bgp['listen']['range'][prefix]:
             raise ConfigError(f'Listen range for prefix "{prefix}" has no peer group configured.')
 
         peer_group = bgp['listen']['range'][prefix]['peer_group']
         if 'peer_group' not in bgp or peer_group not in bgp['peer_group']:
             raise ConfigError(f'Peer-group "{peer_group}" for listen range "{prefix}" does not exist!')
 
         if not verify_remote_as(bgp['listen']['range'][prefix], bgp):
             raise ConfigError(f'Peer-group "{peer_group}" requires remote-as to be set!')
 
     return None
 
 def generate(bgp):
     if not bgp or 'deleted' in bgp:
         bgp['new_frr_config'] = ''
         return None
 
     bgp['new_frr_config'] = render_to_string('frr/bgp.frr.tmpl', bgp)
     return None
 
 def apply(bgp):
     # Save original configuration prior to starting any commit actions
     frr_cfg = frr.FRRConfig()
     frr_cfg.load_configuration(frr_daemon)
 
     if 'vrf' in bgp:
         vrf = bgp['vrf']
         frr_cfg.modify_section(f'^router bgp \d+ vrf {vrf}$', '')
     else:
         frr_cfg.modify_section('^router bgp \d+$', '')
 
     frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', bgp['new_frr_config'])
     frr_cfg.commit_configuration(frr_daemon)
 
     # If FRR config is blank, rerun the blank commit x times due to frr-reload
     # behavior/bug not properly clearing out on one commit.
     if bgp['new_frr_config'] == '':
         for a in range(5):
             frr_cfg.commit_configuration(frr_daemon)
 
-    # Save configuration to /run/frr/{daemon}.conf
-    frr.save_configuration(frr_daemon)
+    # Save configuration to /run/frr/config/frr.conf
+    frr.save_configuration()
 
     return None
 
 if __name__ == '__main__':
     try:
         c = get_config()
         verify(c)
         generate(c)
         apply(c)
     except ConfigError as e:
         print(e)
         exit(1)
diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py
index 02cf9970c..571520cfe 100755
--- a/src/conf_mode/protocols_isis.py
+++ b/src/conf_mode/protocols_isis.py
@@ -1,225 +1,225 @@
 #!/usr/bin/env python3
 #
 # Copyright (C) 2020-2021 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
 # published by the Free Software Foundation.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
 
 from sys import exit
 from sys import argv
 
 from vyos.config import Config
 from vyos.configdict import dict_merge
 from vyos.configdict import node_changed
 from vyos.configverify import verify_interface_exists
 from vyos.util import call
 from vyos.util import dict_search
 from vyos.util import get_interface_config
 from vyos.template import render_to_string
 from vyos import ConfigError
 from vyos import frr
 from vyos import airbag
 airbag.enable()
 
 frr_daemon = 'isisd'
 
 def get_config(config=None):
     if config:
         conf = config
     else:
         conf = Config()
 
     vrf = None
     if len(argv) > 1:
         vrf = argv[1]
 
     base_path = ['protocols', 'isis']
 
     # eqivalent of the C foo ? 'a' : 'b' statement
     base = vrf and ['vrf', 'name', vrf, 'protocols', 'isis'] or base_path
     isis = conf.get_config_dict(base, key_mangling=('-', '_'),
                                 get_first_key=True)
 
     # Assign the name of our VRF context. This MUST be done before the return
     # statement below, else on deletion we will delete the default instance
     # instead of the VRF instance.
     if vrf: isis['vrf'] = vrf
 
     # As we no re-use this Python handler for both VRF and non VRF instances for
     # IS-IS we need to find out if any interfaces changed so properly adjust
     # the FRR configuration and not by acctident change interfaces from a
     # different VRF.
     interfaces_removed = node_changed(conf, base + ['interface'])
     if interfaces_removed:
         isis['interface_removed'] = list(interfaces_removed)
 
     # Bail out early if configuration tree does not exist
     if not conf.exists(base):
         isis.update({'deleted' : ''})
         return isis
 
     # We also need some additional information from the config, prefix-lists
     # and route-maps for instance. They will be used in verify()
     base = ['policy']
     tmp = conf.get_config_dict(base, key_mangling=('-', '_'))
     # Merge policy dict into OSPF dict
     isis = dict_merge(tmp, isis)
 
     return isis
 
 def verify(isis):
     # bail out early - looks like removal from running config
     if not isis or 'deleted' in isis:
         return None
 
     if 'net' not in isis:
         raise ConfigError('Network entity is mandatory!')
 
     # last byte in IS-IS area address must be 0
     tmp = isis['net'].split('.')
     if int(tmp[-1]) != 0:
         raise ConfigError('Last byte of IS-IS network entity title must always be 0!')
 
     # If interface not set
     if 'interface' not in isis:
         raise ConfigError('Interface used for routing updates is mandatory!')
 
     for interface in isis['interface']:
         verify_interface_exists(interface)
         if 'vrf' in isis:
             # If interface specific options are set, we must ensure that the
             # interface is bound to our requesting VRF. Due to the VyOS
             # priorities the interface is bound to the VRF after creation of
             # the VRF itself, and before any routing protocol is configured.
             vrf = isis['vrf']
             tmp = get_interface_config(interface)
             if 'master' not in tmp or tmp['master'] != vrf:
                 raise ConfigError(f'Interface {interface} is not a member of VRF {vrf}!')
 
     # If md5 and plaintext-password set at the same time
     if 'area_password' in isis:
         if {'md5', 'plaintext_password'} <= set(isis['encryption']):
             raise ConfigError('Can not use both md5 and plaintext-password for ISIS area-password!')
 
     # If one param from delay set, but not set others
     if 'spf_delay_ietf' in isis:
         required_timers = ['holddown', 'init_delay', 'long_delay', 'short_delay', 'time_to_learn']
         exist_timers = []
         for elm_timer in required_timers:
             if elm_timer in isis['spf_delay_ietf']:
                 exist_timers.append(elm_timer)
 
         exist_timers = set(required_timers).difference(set(exist_timers))
         if len(exist_timers) > 0:
             raise ConfigError('All types of delay must be specified: ' + ', '.join(exist_timers).replace('_', '-'))
 
     # If Redistribute set, but level don't set
     if 'redistribute' in isis:
         proc_level = isis.get('level','').replace('-','_')
         for afi in ['ipv4']:
             if afi not in isis['redistribute']:
                 continue
 
             for proto, proto_config in isis['redistribute'][afi].items():
                 if 'level_1' not in proto_config and 'level_2' not in proto_config:
                     raise ConfigError(f'Redistribute level-1 or level-2 should be specified in ' \
                                       f'"protocols isis {process} redistribute {afi} {proto}"!')
 
                 for redistr_level, redistr_config in proto_config.items():
                     if proc_level and proc_level != 'level_1_2' and proc_level != redistr_level:
                         raise ConfigError(f'"protocols isis {process} redistribute {afi} {proto} {redistr_level}" ' \
                                           f'can not be used with \"protocols isis {process} level {proc_level}\"')
 
                     if 'route_map' in redistr_config:
                         name = redistr_config['route_map']
                         tmp = name.replace('-', '_')
                         if dict_search(f'policy.route_map.{tmp}', isis) == None:
                             raise ConfigError(f'Route-map {name} does not exist!')
 
     # Segment routing checks
     if dict_search('segment_routing.global_block', isis):
         high_label_value = dict_search('segment_routing.global_block.high_label_value', isis)
         low_label_value = dict_search('segment_routing.global_block.low_label_value', isis)
 
         # If segment routing global block high value is blank, throw error
         if (low_label_value and not high_label_value) or (high_label_value and not low_label_value):
             raise ConfigError('Segment routing global block requires both low and high value!')
 
         # If segment routing global block low value is higher than the high value, throw error
         if int(low_label_value) > int(high_label_value):
             raise ConfigError('Segment routing global block low value must be lower than high value')
 
     if dict_search('segment_routing.local_block', isis):
         high_label_value = dict_search('segment_routing.local_block.high_label_value', isis)
         low_label_value = dict_search('segment_routing.local_block.low_label_value', isis)
 
         # If segment routing local block high value is blank, throw error
         if (low_label_value and not high_label_value) or (high_label_value and not low_label_value):
             raise ConfigError('Segment routing local block requires both high and low value!')
 
         # If segment routing local block low value is higher than the high value, throw error
         if int(low_label_value) > int(high_label_value):
             raise ConfigError('Segment routing local block low value must be lower than high value')
 
     return None
 
 def generate(isis):
     if not isis or 'deleted' in isis:
         isis['new_frr_config'] = ''
         return None
 
     isis['new_frr_config'] = render_to_string('frr/isis.frr.tmpl', isis)
     return None
 
 def apply(isis):
     # Save original configuration prior to starting any commit actions
     frr_cfg = frr.FRRConfig()
     frr_cfg.load_configuration(frr_daemon)
 
     # Generate empty helper string which can be ammended to FRR commands,
     # it will be either empty (default VRF) or contain the "vrf <name" statement
     vrf = ''
     if 'vrf' in isis:
         vrf = ' vrf ' + isis['vrf']
 
     frr_cfg.modify_section(f'^router isis VyOS{vrf}$', '')
     for key in ['interface', 'interface_removed']:
         if key not in isis:
             continue
         for interface in isis[key]:
             frr_cfg.modify_section(f'^interface {interface}{vrf}$', '')
 
     frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', isis['new_frr_config'])
     frr_cfg.commit_configuration(frr_daemon)
 
     # If FRR config is blank, rerun the blank commit x times due to frr-reload
     # behavior/bug not properly clearing out on one commit.
     if isis['new_frr_config'] == '':
         for a in range(5):
             frr_cfg.commit_configuration(frr_daemon)
 
-    # Save configuration to /run/frr/{daemon}.conf
-    frr.save_configuration(frr_daemon)
+    # Save configuration to /run/frr/config/frr.conf
+    frr.save_configuration()
 
     return None
 
 if __name__ == '__main__':
     try:
         c = get_config()
         verify(c)
         generate(c)
         apply(c)
     except ConfigError as e:
         print(e)
         exit(1)
diff --git a/src/conf_mode/protocols_ospf.py b/src/conf_mode/protocols_ospf.py
index b4ee8659a..30cc33dcf 100755
--- a/src/conf_mode/protocols_ospf.py
+++ b/src/conf_mode/protocols_ospf.py
@@ -1,216 +1,216 @@
 #!/usr/bin/env python3
 #
 # Copyright (C) 2021 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
 # published by the Free Software Foundation.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
 
 from sys import exit
 from sys import argv
 
 from vyos.config import Config
 from vyos.configdict import dict_merge
 from vyos.configdict import node_changed
 from vyos.configverify import verify_route_maps
 from vyos.configverify import verify_interface_exists
 from vyos.template import render_to_string
 from vyos.util import call
 from vyos.util import dict_search
 from vyos.util import get_interface_config
 from vyos.xml import defaults
 from vyos import ConfigError
 from vyos import frr
 from vyos import airbag
 airbag.enable()
 
 frr_daemon = 'ospfd'
 
 def get_config(config=None):
     if config:
         conf = config
     else:
         conf = Config()
 
     vrf = None
     if len(argv) > 1:
         vrf = argv[1]
 
     base_path = ['protocols', 'ospf']
 
     # eqivalent of the C foo ? 'a' : 'b' statement
     base = vrf and ['vrf', 'name', vrf, 'protocols', 'ospf'] or base_path
     ospf = conf.get_config_dict(base, key_mangling=('-', '_'),
                                 get_first_key=True)
 
     # Assign the name of our VRF context. This MUST be done before the return
     # statement below, else on deletion we will delete the default instance
     # instead of the VRF instance.
     if vrf: ospf['vrf'] = vrf
 
     # As we no re-use this Python handler for both VRF and non VRF instances for
     # OSPF we need to find out if any interfaces changed so properly adjust
     # the FRR configuration and not by acctident change interfaces from a
     # different VRF.
     interfaces_removed = node_changed(conf, base + ['interface'])
     if interfaces_removed:
         ospf['interface_removed'] = list(interfaces_removed)
 
     # Bail out early if configuration tree does not exist
     if not conf.exists(base):
         ospf.update({'deleted' : ''})
         return ospf
 
     # We have gathered the dict representation of the CLI, but there are default
     # options which we need to update into the dictionary retrived.
     # XXX: Note that we can not call defaults(base), as defaults does not work
     # on an instance of a tag node. As we use the exact same CLI definition for
     # both the non-vrf and vrf version this is absolutely safe!
     default_values = defaults(base_path)
 
     # We have to cleanup the default dict, as default values could enable features
     # which are not explicitly enabled on the CLI. Example: default-information
     # originate comes with a default metric-type of 2, which will enable the
     # entire default-information originate tree, even when not set via CLI so we
     # need to check this first and probably drop that key.
     if dict_search('default_information.originate', ospf) is None:
         del default_values['default_information']
     if dict_search('area.area_type.nssa', ospf) is None:
         del default_values['area']['area_type']['nssa']
     if 'mpls_te' not in ospf:
         del default_values['mpls_te']
     for protocol in ['bgp', 'connected', 'isis', 'kernel', 'rip', 'static']:
         if dict_search(f'redistribute.{protocol}', ospf) is None:
             del default_values['redistribute'][protocol]
 
     # XXX: T2665: we currently have no nice way for defaults under tag nodes,
     # clean them out and add them manually :(
     del default_values['neighbor']
     del default_values['area']['virtual_link']
     del default_values['interface']
 
     # merge in remaining default values
     ospf = dict_merge(default_values, ospf)
 
     if 'neighbor' in ospf:
         default_values = defaults(base + ['neighbor'])
         for neighbor in ospf['neighbor']:
             ospf['neighbor'][neighbor] = dict_merge(default_values, ospf['neighbor'][neighbor])
 
     if 'area' in ospf:
         default_values = defaults(base + ['area', 'virtual-link'])
         for area, area_config in ospf['area'].items():
             if 'virtual_link' in area_config:
                 print(default_values)
                 for virtual_link in area_config['virtual_link']:
                     ospf['area'][area]['virtual_link'][virtual_link] = dict_merge(
                         default_values, ospf['area'][area]['virtual_link'][virtual_link])
 
     if 'interface' in ospf:
         for interface in ospf['interface']:
             # We need to reload the defaults on every pass b/c of
             # hello-multiplier dependency on dead-interval
             default_values = defaults(base + ['interface'])
             # If hello-multiplier is set, we need to remove the default from
             # dead-interval.
             if 'hello_multiplier' in ospf['interface'][interface]:
                 del default_values['dead_interval']
 
             ospf['interface'][interface] = dict_merge(default_values,
                 ospf['interface'][interface])
 
     # We also need some additional information from the config, prefix-lists
     # and route-maps for instance. They will be used in verify()
     base = ['policy']
     tmp = conf.get_config_dict(base, key_mangling=('-', '_'))
     # Merge policy dict into OSPF dict
     ospf = dict_merge(tmp, ospf)
 
     return ospf
 
 def verify(ospf):
     if not ospf:
         return None
 
     verify_route_maps(ospf)
 
     if 'interface' in ospf:
         for interface in ospf['interface']:
             verify_interface_exists(interface)
             # One can not use dead-interval and hello-multiplier at the same
             # time. FRR will only activate the last option set via CLI.
             if {'hello_multiplier', 'dead_interval'} <= set(ospf['interface'][interface]):
                 raise ConfigError(f'Can not use hello-multiplier and dead-interval ' \
                                   f'concurrently for {interface}!')
 
             if 'vrf' in ospf:
             # If interface specific options are set, we must ensure that the
             # interface is bound to our requesting VRF. Due to the VyOS
             # priorities the interface is bound to the VRF after creation of
             # the VRF itself, and before any routing protocol is configured.
                 vrf = ospf['vrf']
                 tmp = get_interface_config(interface)
                 if 'master' not in tmp or tmp['master'] != vrf:
                     raise ConfigError(f'Interface {interface} is not a member of VRF {vrf}!')
 
     return None
 
 def generate(ospf):
     if not ospf or 'deleted' in ospf:
         ospf['new_frr_config'] = ''
         return None
 
     ospf['new_frr_config'] = render_to_string('frr/ospf.frr.tmpl', ospf)
     return None
 
 def apply(ospf):
     # Save original configuration prior to starting any commit actions
     frr_cfg = frr.FRRConfig()
     frr_cfg.load_configuration(frr_daemon)
 
     # Generate empty helper string which can be ammended to FRR commands,
     # it will be either empty (default VRF) or contain the "vrf <name" statement
     vrf = ''
     if 'vrf' in ospf:
         vrf = ' vrf ' + ospf['vrf']
 
     frr_cfg.modify_section(f'^router ospf{vrf}$', '')
     for key in ['interface', 'interface_removed']:
         if key not in ospf:
             continue
         for interface in ospf[key]:
             frr_cfg.modify_section(f'^interface {interface}{vrf}$', '')
 
     frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ospf['new_frr_config'])
     frr_cfg.commit_configuration(frr_daemon)
 
     # If FRR config is blank, rerun the blank commit x times due to frr-reload
     # behavior/bug not properly clearing out on one commit.
     if ospf['new_frr_config'] == '':
         for a in range(5):
             frr_cfg.commit_configuration(frr_daemon)
 
-    # Save configuration to /run/frr/{daemon}.conf
-    frr.save_configuration(frr_daemon)
+    # Save configuration to /run/frr/config/frr.conf
+    frr.save_configuration()
 
     return None
 
 if __name__ == '__main__':
     try:
         c = get_config()
         verify(c)
         generate(c)
         apply(c)
     except ConfigError as e:
         print(e)
         exit(1)
diff --git a/src/conf_mode/protocols_ospfv3.py b/src/conf_mode/protocols_ospfv3.py
index f3beab204..42b6462e3 100755
--- a/src/conf_mode/protocols_ospfv3.py
+++ b/src/conf_mode/protocols_ospfv3.py
@@ -1,107 +1,107 @@
 #!/usr/bin/env python3
 #
 # Copyright (C) 2021 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
 # published by the Free Software Foundation.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
 
 from sys import exit
 
 from vyos.config import Config
 from vyos.configdict import dict_merge
 from vyos.configverify import verify_route_maps
 from vyos.template import render_to_string
 from vyos.util import call
 from vyos.ifconfig import Interface
 from vyos.xml import defaults
 from vyos import ConfigError
 from vyos import frr
 from vyos import airbag
 airbag.enable()
 
 frr_daemon = 'ospf6d'
 
 def get_config(config=None):
     if config:
         conf = config
     else:
         conf = Config()
     base = ['protocols', 'ospfv3']
     ospfv3 = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
 
     # Bail out early if configuration tree does not exist
     if not conf.exists(base):
         return ospfv3
 
     # We also need some additional information from the config, prefix-lists
     # and route-maps for instance. They will be used in verify()
     base = ['policy']
     tmp = conf.get_config_dict(base, key_mangling=('-', '_'))
     # Merge policy dict into OSPF dict
     ospfv3 = dict_merge(tmp, ospfv3)
 
     return ospfv3
 
 def verify(ospfv3):
     if not ospfv3:
         return None
 
     verify_route_maps(ospfv3)
 
     if 'interface' in ospfv3:
         for ifname, if_config in ospfv3['interface'].items():
             if 'ifmtu' in if_config:
                 mtu = Interface(ifname).get_mtu()
                 if int(if_config['ifmtu']) > int(mtu):
                     raise ConfigError(f'OSPFv3 ifmtu cannot go beyond physical MTU of "{mtu}"')
 
     return None
 
 def generate(ospfv3):
     if not ospfv3:
         ospfv3['new_frr_config'] = ''
         return None
 
     ospfv3['new_frr_config'] = render_to_string('frr/ospfv3.frr.tmpl', ospfv3)
     return None
 
 def apply(ospfv3):
     # Save original configuration prior to starting any commit actions
     frr_cfg = frr.FRRConfig()
     frr_cfg.load_configuration(frr_daemon)
     frr_cfg.modify_section(r'^interface \S+', '')
     frr_cfg.modify_section('^router ospf6$', '')
     frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ospfv3['new_frr_config'])
     frr_cfg.commit_configuration(frr_daemon)
 
     # If FRR config is blank, re-run the blank commit x times due to frr-reload
     # behavior/bug not properly clearing out on one commit.
     if ospfv3['new_frr_config'] == '':
         for a in range(5):
             frr_cfg.commit_configuration(frr_daemon)
 
-    # Save configuration to /run/frr/{daemon}.conf
-    frr.save_configuration(frr_daemon)
+    # Save configuration to /run/frr/config/frr.conf
+    frr.save_configuration()
 
     return None
 
 if __name__ == '__main__':
     try:
         c = get_config()
         verify(c)
         generate(c)
         apply(c)
     except ConfigError as e:
         print(e)
         exit(1)
diff --git a/src/conf_mode/protocols_rip.py b/src/conf_mode/protocols_rip.py
index 34d42d630..e7eafd059 100755
--- a/src/conf_mode/protocols_rip.py
+++ b/src/conf_mode/protocols_rip.py
@@ -1,132 +1,132 @@
 #!/usr/bin/env python3
 #
 # Copyright (C) 2021 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
 # published by the Free Software Foundation.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
 
 from sys import exit
 
 from vyos.config import Config
 from vyos.configdict import dict_merge
 from vyos.configverify import verify_route_maps
 from vyos.util import call
 from vyos.util import dict_search
 from vyos.xml import defaults
 from vyos.template import render_to_string
 from vyos import ConfigError
 from vyos import frr
 from vyos import airbag
 airbag.enable()
 
 frr_daemon = 'ripd'
 
 def get_config(config=None):
     if config:
         conf = config
     else:
         conf = Config()
     base = ['protocols', 'rip']
     rip = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
 
     # Bail out early if configuration tree does not exist
     if not conf.exists(base):
         return rip
 
     # We have gathered the dict representation of the CLI, but there are default
     # options which we need to update into the dictionary retrived.
     default_values = defaults(base)
     # merge in remaining default values
     rip = dict_merge(default_values, rip)
 
     # We also need some additional information from the config, prefix-lists
     # and route-maps for instance. They will be used in verify()
     base = ['policy']
     tmp = conf.get_config_dict(base, key_mangling=('-', '_'))
     # Merge policy dict into OSPF dict
     rip = dict_merge(tmp, rip)
 
     return rip
 
 def verify(rip):
     if not rip:
         return None
 
     acl_in = dict_search('distribute_list.access_list.in', rip)
     if acl_in and acl_in not in  (dict_search('policy.access_list', rip) or []):
         raise ConfigError(f'Inbound ACL "{acl_in}" does not exist!')
 
     acl_out = dict_search('distribute_list.access_list.out', rip)
     if acl_out and acl_out not in (dict_search('policy.access_list', rip) or []):
         raise ConfigError(f'Outbound ACL "{acl_out}" does not exist!')
 
     prefix_list_in = dict_search('distribute_list.prefix_list.in', rip)
     if prefix_list_in and prefix_list_in.replace('-','_') not in (dict_search('policy.prefix_list', rip) or []):
         raise ConfigError(f'Inbound prefix-list "{prefix_list_in}" does not exist!')
 
     prefix_list_out = dict_search('distribute_list.prefix_list.out', rip)
     if prefix_list_out and prefix_list_out.replace('-','_') not in (dict_search('policy.prefix_list', rip) or []):
         raise ConfigError(f'Outbound prefix-list "{prefix_list_out}" does not exist!')
 
     if 'interface' in rip:
         for interface, interface_options in rip['interface'].items():
             if 'authentication' in interface_options:
                 if {'md5', 'plaintext_password'} <= set(interface_options['authentication']):
                     raise ConfigError('Can not use both md5 and plaintext-password at the same time!')
             if 'split_horizon' in interface_options:
                 if {'disable', 'poison_reverse'} <= set(interface_options['split_horizon']):
                     raise ConfigError(f'You can not have "split-horizon poison-reverse" enabled ' \
                                       f'with "split-horizon disable" for "{interface}"!')
 
     verify_route_maps(rip)
 
 def generate(rip):
     if not rip:
         rip['new_frr_config'] = ''
         return None
 
     rip['new_frr_config'] = render_to_string('frr/rip.frr.tmpl', rip)
 
     return None
 
 def apply(rip):
     # Save original configuration prior to starting any commit actions
     frr_cfg = frr.FRRConfig()
     frr_cfg.load_configuration(frr_daemon)
     frr_cfg.modify_section(r'key chain \S+', '')
     frr_cfg.modify_section(r'interface \S+', '')
     frr_cfg.modify_section('router rip', '')
     frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', rip['new_frr_config'])
     frr_cfg.commit_configuration(frr_daemon)
 
     # If FRR config is blank, rerun the blank commit x times due to frr-reload
     # behavior/bug not properly clearing out on one commit.
     if rip['new_frr_config'] == '':
         for a in range(5):
             frr_cfg.commit_configuration(frr_daemon)
 
-    # Save configuration to /run/frr/{daemon}.conf
-    frr.save_configuration(frr_daemon)
+    # Save configuration to /run/frr/config/frr.conf
+    frr.save_configuration()
 
     return None
 
 if __name__ == '__main__':
     try:
         c = get_config()
         verify(c)
         generate(c)
         apply(c)
     except ConfigError as e:
         print(e)
         exit(1)
diff --git a/src/conf_mode/protocols_ripng.py b/src/conf_mode/protocols_ripng.py
index eff4297f9..140133bd0 100755
--- a/src/conf_mode/protocols_ripng.py
+++ b/src/conf_mode/protocols_ripng.py
@@ -1,131 +1,131 @@
 #!/usr/bin/env python3
 #
 # Copyright (C) 2021 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
 # published by the Free Software Foundation.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
 
 from sys import exit
 
 from vyos.config import Config
 from vyos.configdict import dict_merge
 from vyos.configverify import verify_route_maps
 from vyos.util import call
 from vyos.util import dict_search
 from vyos.xml import defaults
 from vyos.template import render_to_string
 from vyos import ConfigError
 from vyos import frr
 from vyos import airbag
 airbag.enable()
 
 frr_daemon = 'ripngd'
 
 def get_config(config=None):
     if config:
         conf = config
     else:
         conf = Config()
     base = ['protocols', 'ripng']
     ripng = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
 
     # Bail out early if configuration tree does not exist
     if not conf.exists(base):
         return ripng
 
     # We have gathered the dict representation of the CLI, but there are default
     # options which we need to update into the dictionary retrived.
     default_values = defaults(base)
     # merge in remaining default values
     ripng = dict_merge(default_values, ripng)
 
     # We also need some additional information from the config, prefix-lists
     # and route-maps for instance. They will be used in verify()
     base = ['policy']
     tmp = conf.get_config_dict(base, key_mangling=('-', '_'))
     # Merge policy dict into OSPF dict
     ripng = dict_merge(tmp, ripng)
 
     return ripng
 
 def verify(ripng):
     if not ripng:
         return None
 
     acl_in = dict_search('distribute_list.access_list.in', ripng)
     if acl_in and acl_in not in  (dict_search('policy.access_list6', ripng) or []):
         raise ConfigError(f'Inbound access-list6 "{acl_in}" does not exist!')
 
     acl_out = dict_search('distribute_list.access_list.out', ripng)
     if acl_out and acl_out not in (dict_search('policy.access_list6', ripng) or []):
         raise ConfigError(f'Outbound access-list6 "{acl_out}" does not exist!')
 
     prefix_list_in = dict_search('distribute_list.prefix_list.in', ripng)
     if prefix_list_in and prefix_list_in.replace('-','_') not in (dict_search('policy.prefix_list6', ripng) or []):
         raise ConfigError(f'Inbound prefix-list6 "{prefix_list_in}" does not exist!')
 
     prefix_list_out = dict_search('distribute_list.prefix_list.out', ripng)
     if prefix_list_out and prefix_list_out.replace('-','_') not in (dict_search('policy.prefix_list6', ripng) or []):
         raise ConfigError(f'Outbound prefix-list6 "{prefix_list_out}" does not exist!')
 
     if 'interface' in ripng:
         for interface, interface_options in ripng['interface'].items():
             if 'authentication' in interface_options:
                 if {'md5', 'plaintext_password'} <= set(interface_options['authentication']):
                     raise ConfigError('Can not use both md5 and plaintext-password at the same time!')
             if 'split_horizon' in interface_options:
                 if {'disable', 'poison_reverse'} <= set(interface_options['split_horizon']):
                     raise ConfigError(f'You can not have "split-horizon poison-reverse" enabled ' \
                                       f'with "split-horizon disable" for "{interface}"!')
 
     verify_route_maps(ripng)
 
 def generate(ripng):
     if not ripng:
         ripng['new_frr_config'] = ''
         return None
 
     ripng['new_frr_config'] = render_to_string('frr/ripng.frr.tmpl', ripng)
     return None
 
 def apply(ripng):
     # Save original configuration prior to starting any commit actions
     frr_cfg = frr.FRRConfig()
     frr_cfg.load_configuration(frr_daemon)
     frr_cfg.modify_section(r'key chain \S+', '')
     frr_cfg.modify_section(r'interface \S+', '')
     frr_cfg.modify_section('router ripng', '')
     frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ripng['new_frr_config'])
     frr_cfg.commit_configuration(frr_daemon)
 
     # If FRR config is blank, rerun the blank commit x times due to frr-reload
     # behavior/bug not properly clearing out on one commit.
     if ripng['new_frr_config'] == '':
         for a in range(5):
             frr_cfg.commit_configuration(frr_daemon)
 
-    # Save configuration to /run/frr/{daemon}.conf
-    frr.save_configuration(frr_daemon)
+    # Save configuration to /run/frr/config/frr.conf
+    frr.save_configuration()
 
     return None
 
 if __name__ == '__main__':
     try:
         c = get_config()
         verify(c)
         generate(c)
         apply(c)
     except ConfigError as e:
         print(e)
         exit(1)
diff --git a/src/conf_mode/protocols_static.py b/src/conf_mode/protocols_static.py
index 0de073a6d..7ae952af8 100755
--- a/src/conf_mode/protocols_static.py
+++ b/src/conf_mode/protocols_static.py
@@ -1,113 +1,113 @@
 #!/usr/bin/env python3
 #
 # Copyright (C) 2021 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
 # published by the Free Software Foundation.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
 
 from sys import exit
 from sys import argv
 
 from vyos.config import Config
 from vyos.configverify import verify_route_maps
 from vyos.configverify import verify_vrf
 from vyos.template import render_to_string
 from vyos.util import call
 from vyos import ConfigError
 from vyos import frr
 from vyos import airbag
 airbag.enable()
 
 frr_daemon = 'staticd'
 
 def get_config(config=None):
     if config:
         conf = config
     else:
         conf = Config()
 
     vrf = None
     if len(argv) > 1:
         vrf = argv[1]
 
     base_path = ['protocols', 'static']
     # eqivalent of the C foo ? 'a' : 'b' statement
     base = vrf and ['vrf', 'name', vrf, 'protocols', 'static'] or base_path
     static = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
 
     # Assign the name of our VRF context
     if vrf: static['vrf'] = vrf
 
     return static
 
 def verify(static):
     verify_route_maps(static)
 
     for route in ['route', 'route6']:
         # if there is no route(6) key in the dictionary we can immediately
         # bail out early
         if route not in static:
             continue
 
         # When leaking routes to other VRFs we must ensure that the destination
         # VRF exists
         for prefix, prefix_options in static[route].items():
             # both the interface and next-hop CLI node can have a VRF subnode,
             # thus we check this using a for loop
             for type in ['interface', 'next_hop']:
                 if type in prefix_options:
                     for interface, interface_config in prefix_options[type].items():
                         verify_vrf(interface_config)
 
     return None
 
 def generate(static):
     static['new_frr_config'] = render_to_string('frr/static.frr.tmpl', static)
     return None
 
 def apply(static):
     # Save original configuration prior to starting any commit actions
     frr_cfg = frr.FRRConfig()
     frr_cfg.load_configuration(frr_daemon)
 
     if 'vrf' in static:
         vrf = static['vrf']
         frr_cfg.modify_section(f'^vrf {vrf}$', '')
     else:
         frr_cfg.modify_section(r'^ip route .*', '')
         frr_cfg.modify_section(r'^ipv6 route .*', '')
 
     frr_cfg.add_before(r'(interface .*|line vty)', static['new_frr_config'])
     frr_cfg.commit_configuration(frr_daemon)
 
     # If FRR config is blank, rerun the blank commit x times due to frr-reload
     # behavior/bug not properly clearing out on one commit.
     if static['new_frr_config'] == '':
         for a in range(5):
             frr_cfg.commit_configuration(frr_daemon)
 
-    # Save configuration to /run/frr/{daemon}.conf
-    frr.save_configuration(frr_daemon)
+    # Save configuration to /run/frr/config/frr.conf
+    frr.save_configuration()
 
     return None
 
 if __name__ == '__main__':
     try:
         c = get_config()
         verify(c)
         generate(c)
         apply(c)
     except ConfigError as e:
         print(e)
         exit(1)