Repository: tinynetwork/tinet Branch: master Commit: 345f8b20042d Files: 326 Total size: 931.5 KB Directory structure: gitextract_qbgpc9og/ ├── .github/ │ ├── CODEOWNERS │ ├── auto_assign.yml │ └── workflows/ │ ├── pr-auto-assign.yaml │ ├── release-master.yaml │ ├── release-tag.yaml │ └── test.yaml ├── .gitignore ├── .goreleaser.yml ├── Dockerfiles/ │ ├── centos7/ │ │ ├── Dockerfile │ │ └── build.sh │ ├── cloudvpn/ │ │ ├── Dockerfile │ │ └── build.sh │ ├── ebpf/ │ │ ├── Dockerfile │ │ ├── Makefile │ │ ├── README.md │ │ ├── build_and_attach.sh │ │ ├── detach.sh │ │ └── filter.c │ ├── frr/ │ │ ├── Dockerfile │ │ ├── Makefile │ │ └── daemons │ ├── nginx/ │ │ ├── Dockerfile │ │ └── Makefile │ ├── pmacctd/ │ │ ├── Dockerfile │ │ └── Makefile │ └── trex/ │ ├── Dockerfile │ └── Makefile ├── LICENSE ├── Makefile ├── README.md ├── cheatsheet.md ├── command_func.go ├── commands.go ├── configs/ │ └── spec_template.yaml ├── docs/ │ ├── command-line-usage-example.md │ └── specification_yml.md ├── examples/ │ ├── bandwidth_tc/ │ │ └── spec.yaml │ ├── basic_bfd/ │ │ └── spec.yaml │ ├── basic_bgp/ │ │ ├── README.md │ │ ├── bgp_clos_evpn_vxlan/ │ │ │ └── spec.yaml │ │ ├── graceful_restart/ │ │ │ └── simple_ipv4_unicast/ │ │ │ ├── README.md │ │ │ ├── r2/ │ │ │ │ └── r2-kill-bgpd.pcap │ │ │ └── spec.yaml │ │ ├── hv_bgp_dcn/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── hv_bgp_dcn_isol/ │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── local_pref/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── mpbgp_ipv4_labeled_unicast/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── path_attr/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── route_reflector/ │ │ │ └── spec.yaml │ │ ├── route_server/ │ │ │ └── spec.yaml │ │ ├── route_server_multihop/ │ │ │ └── spec.yaml │ │ ├── spec.yaml │ │ ├── unnumbered/ │ │ │ ├── r1.pcap │ │ │ └── spec.yaml │ │ ├── vpnv4_mpls/ │ │ │ ├── README.md │ │ │ ├── r1.pcap │ │ │ ├── r2.pcap │ │ │ └── spec.yaml │ │ ├── vpnv4_srmpls/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── vpnv4_srmpls_interas_option-b/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── vpnv4_srv6/ │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ ├── frr.conf.srv6.R1 │ │ │ ├── frr.conf.srv6.R2 │ │ │ └── spec.yaml │ │ ├── vpnv6_srv6_rs/ │ │ │ └── spec.yaml │ │ └── vrf2vrf_rouet_leak/ │ │ ├── Makefile │ │ └── spec.yaml │ ├── basic_bond/ │ │ └── spec.yaml │ ├── basic_bufferbloat/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_clos/ │ │ ├── README.md │ │ ├── spec.v0.0.0.yaml │ │ ├── spec.v0.0.1.yaml │ │ ├── spec.v0.0.2.yaml │ │ ├── spec.v0.0.3.yaml │ │ └── spec.yaml │ ├── basic_conntrack/ │ │ └── connection_sync/ │ │ ├── Makefile │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_coredns/ │ │ └── blacklist/ │ │ ├── Corefile.NS1 │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_ebgp/ │ │ └── spec.yaml │ ├── basic_ecmp/ │ │ ├── README.md │ │ ├── scale.diff │ │ └── spec.yaml │ ├── basic_evpn/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_exabgp/ │ │ ├── Makefile │ │ ├── README.md │ │ ├── daemons.R1 │ │ ├── exabgp.conf │ │ ├── exabgp.conf.R2 │ │ ├── frr.conf.R1 │ │ └── spec.yaml │ ├── basic_fq_codel/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_gcp_hv/ │ │ └── spec.yaml │ ├── basic_geneve/ │ │ ├── in.pcap │ │ └── spec.yaml │ ├── basic_gre/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_haproxy/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_ipip/ │ │ ├── anycast_tunnel/ │ │ │ └── spec.yaml │ │ └── simple/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_ipsec/ │ │ ├── bgp/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── bgp_ha/ │ │ │ ├── in.pcap │ │ │ └── spec.yaml │ │ ├── mesh/ │ │ │ └── spec.yaml │ │ ├── mesh_bgp/ │ │ │ └── spec.yaml │ │ ├── simple/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── static_esp_tunnel_simple/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── with_vti/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ └── xfrm_interface/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_iptables/ │ │ ├── napt/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ ├── test/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ └── u32/ │ │ └── spec.yaml │ ├── basic_isis/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_l3dsr/ │ │ └── dscp/ │ │ ├── Dockerfile │ │ ├── spec.yaml │ │ └── xdp.c │ ├── basic_ldp/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_mirror/ │ │ ├── local/ │ │ │ └── spec.yaml │ │ └── remote/ │ │ └── spec.yaml │ ├── basic_mpls/ │ │ └── spec.yaml │ ├── basic_multipath/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_namespace/ │ │ ├── README.md │ │ ├── spec.blue.yaml │ │ └── spec.green.yaml │ ├── basic_napt/ │ │ └── spec.yaml │ ├── basic_netflow/ │ │ ├── README.md │ │ ├── multipath/ │ │ │ ├── Makefile │ │ │ └── spec.yaml │ │ ├── netflow.pcap │ │ └── simple/ │ │ └── spec.yaml │ ├── basic_netns/ │ │ └── spec.yaml │ ├── basic_nftables/ │ │ ├── masquerade/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ └── snat/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_ospfv2_bird/ │ │ ├── README.md │ │ ├── bird/ │ │ │ ├── R1_bird.conf │ │ │ ├── R2_bird.conf │ │ │ ├── R3_bird.conf │ │ │ └── R4_bird.conf │ │ └── spec.yaml │ ├── basic_ospfv2_frr/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_ospfv3_bird_multiple_instance/ │ │ ├── R3_bird6.conf │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_ospfv3_frr/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_pbr/ │ │ └── spec.yaml │ ├── basic_peer/ │ │ └── spec.yaml │ ├── basic_pim/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_pim2/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_pppoe_WIP/ │ │ └── spec.yaml │ ├── basic_rift/ │ │ ├── README.md │ │ ├── ietf_rift_python/ │ │ │ ├── meta_topology_2c_2x2.yaml │ │ │ ├── rift_leaf1.yaml │ │ │ ├── rift_leaf2.yaml │ │ │ ├── rift_spine1.yaml │ │ │ └── rift_spine2.yaml │ │ └── spec.yaml │ ├── basic_rtbh/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_source_routing/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_srmpls/ │ │ └── spec.yaml │ ├── basic_srv6/ │ │ ├── README.md │ │ ├── linux/ │ │ │ ├── bgp_vpnv6/ │ │ │ │ └── spec.yaml │ │ │ ├── binding_sid/ │ │ │ │ ├── README.md │ │ │ │ └── spec.yaml │ │ │ ├── end_bpf_WIP/ │ │ │ │ ├── Makefile │ │ │ │ ├── bpf_helpers.h │ │ │ │ ├── filter.c │ │ │ │ └── spec.yaml │ │ │ ├── hands_on/ │ │ │ │ ├── README.md │ │ │ │ └── spec.yaml │ │ │ ├── l2vpn/ │ │ │ │ ├── README.md │ │ │ │ └── spec.yaml │ │ │ ├── sfc/ │ │ │ │ ├── README.md │ │ │ │ └── spec.yaml │ │ │ ├── srv6_unaware/ │ │ │ │ ├── README.md │ │ │ │ ├── function/ │ │ │ │ │ ├── Makefile │ │ │ │ │ └── main.cc │ │ │ │ ├── function1/ │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── edenman_chikuwa.cc │ │ │ │ │ ├── main.cc │ │ │ │ │ └── ntt_ipa.cc │ │ │ │ └── spec.yaml │ │ │ ├── transit/ │ │ │ │ ├── README.md │ │ │ │ └── spec.yaml │ │ │ ├── vpn_v4_per_ce/ │ │ │ │ ├── README.md │ │ │ │ └── spec.yaml │ │ │ ├── vpn_v4_per_vrf/ │ │ │ │ ├── README.md │ │ │ │ └── spec.yaml │ │ │ ├── vpn_v6_per_ce/ │ │ │ │ ├── README.md │ │ │ │ └── spec.yaml │ │ │ ├── vpn_v6_per_vrf/ │ │ │ │ ├── README.md │ │ │ │ └── spec.yaml │ │ │ └── vrf_redirect/ │ │ │ ├── README.md │ │ │ └── spec.yaml │ │ └── vpp/ │ │ └── vpn4_per_ce/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_sysctl/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_tc/ │ │ └── spec.yaml │ ├── basic_tproxy/ │ │ ├── dns_interceptor/ │ │ │ ├── Corefile │ │ │ ├── Dockerfile.coredns │ │ │ ├── Dockerfile.dns-interceptor │ │ │ ├── README.md │ │ │ ├── go.mod │ │ │ ├── go.sum │ │ │ ├── main.go │ │ │ ├── session-udp.go │ │ │ └── spec.yaml │ │ └── http_interceptor/ │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── go.mod │ │ ├── go.sum │ │ ├── http_interceptor.go │ │ └── spec.yaml │ ├── basic_vpnv4/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_vpp/ │ │ ├── README.md │ │ ├── nat.yaml │ │ └── spec.yaml │ ├── basic_vrf/ │ │ ├── README.md │ │ ├── frr.spec.yaml │ │ └── iproute2.spec.yaml │ ├── basic_vrf2/ │ │ └── spec.yaml │ ├── basic_vrrp/ │ │ ├── conntrack/ │ │ │ ├── keepalived.conf.R1 │ │ │ ├── keepalived.conf.R2 │ │ │ └── spec.yaml │ │ └── simple/ │ │ └── spec.yaml │ ├── basic_vxlan/ │ │ ├── vxlan_mcast.yaml │ │ └── vxlan_ucast.yaml │ ├── basic_vxlan_mcast_v6/ │ │ └── spec.yaml │ ├── basic_vxlan_v6/ │ │ ├── README.md │ │ └── spec.yaml │ ├── basic_xdp/ │ │ ├── Dockerfile │ │ ├── Makefile │ │ ├── filter.c │ │ └── spec.yaml │ ├── bgp_test/ │ │ ├── dut.conf │ │ └── spec.yaml │ ├── bgp_test2/ │ │ └── spec.yaml │ ├── bridge_tc/ │ │ ├── README.md │ │ └── spec.yaml │ ├── flowspec/ │ │ └── spec.yaml │ ├── gobgp-grpc/ │ │ ├── README.md │ │ ├── add_path01.py │ │ ├── add_path02.py │ │ ├── gobgp01.conf │ │ ├── gobgp02.conf │ │ └── spec.yaml │ ├── ovs_port_vlan/ │ │ └── spec.yaml │ ├── simple/ │ │ └── topo2/ │ │ └── spec.yaml │ ├── srmpls_l2vpn_static_linux/ │ │ ├── README.md │ │ └── spec.yaml │ ├── srmpls_l3vpnv4_static_linux/ │ │ ├── README.md │ │ └── spec.yaml │ ├── srmpls_l3vpnv4_static_vpp/ │ │ ├── README.md │ │ └── spec.yaml │ ├── srv6_l2vpn_static_linux_hack/ │ │ ├── README.md │ │ └── spec.yaml │ ├── srv6_l2vpn_static_vpp/ │ │ ├── README.md │ │ └── spec.yaml │ ├── srv6_l3vpnv4_static_linux/ │ │ ├── README.md │ │ └── spec.yaml │ ├── srv6_l3vpnv4_static_linux_pseudo_dt4/ │ │ ├── README.md │ │ └── spec.yaml │ ├── srv6_l3vpnv4_static_vpp/ │ │ ├── README.md │ │ └── spec.yaml │ ├── srv6_l3vpnv6_static_linux/ │ │ ├── README.md │ │ └── spec.yaml │ └── trex/ │ ├── dual_node_single_instance/ │ │ ├── README.md │ │ ├── client.yaml │ │ ├── server.yaml │ │ ├── spec.yaml │ │ ├── tcp_open.py │ │ └── tcp_openclose.py │ ├── simple/ │ │ ├── README.md │ │ ├── cfg.yaml │ │ ├── new_connection_test.py │ │ ├── spec.yaml │ │ ├── tcp_open.py │ │ └── tcp_openclose.py │ └── single_node_dual_instance/ │ ├── README.md │ ├── client.yaml │ ├── server.yaml │ ├── spec.yaml │ ├── tcp_open.py │ └── tcp_openclose.py ├── go.mod ├── go.sum ├── internal/ │ └── pkg/ │ ├── shell/ │ │ ├── shell.go │ │ └── shell_test.go │ └── utils/ │ ├── utils.go │ └── utils_test.go └── main.go ================================================ FILE CONTENTS ================================================ ================================================ FILE: .github/CODEOWNERS ================================================ * @ak1ra24 @slankdev ================================================ FILE: .github/auto_assign.yml ================================================ # Set to true to add reviewers to pull requests addReviewers: true # Set to true to add assignees to pull requests addAssignees: false # A list of reviewers to be added to pull requests (GitHub user name) reviewers: - slankdev - ak1ra24 # A number of reviewers added to the pull request # Set 0 to add all the reviewers (default: 0) numberOfReviewers: 1 # A list of assignees, overrides reviewers if set # assignees: # - assigneeA # A number of assignees to add to the pull request # Set to 0 to add all of the assignees. # Uses numberOfReviewers if unset. # numberOfAssignees: 2 # A list of keywords to be skipped the process that add reviewers if pull requests include it skipKeywords: - wip ================================================ FILE: .github/workflows/pr-auto-assign.yaml ================================================ name: 'Auto Assign' on: pull_request jobs: add-reviews: runs-on: ubuntu-latest steps: - uses: kentaro-m/auto-assign-action@v1.1.0 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" configuration-path: ".github/auto_assign.yml" ================================================ FILE: .github/workflows/release-master.yaml ================================================ name: release-master on: push: branches: - master jobs: release: runs-on: ubuntu-latest steps: - name: Set up Go 1.13 uses: actions/setup-go@v2 with: go-version: 1.13 id: go - name: Check out code into the Go module directory uses: actions/checkout@v2 - name: Build env: GO111MODULE: on GOPATH: /home/runner/work/ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | go get -u github.com/tcnksm/ghr go get -u github.com/Songmu/ghch/cmd/ghch export TAGNAME=latest go build -ldflags="-s -w -X main.Version=$TAGNAME" mkdir -p dist/latest tar -zcvf dist/latest/tinet_latest_linux64_amd64.tar.gz tinet $GOPATH/bin/ghr -n=$TAGNAME -b="$($GOPATH/bin/ghch -F markdown --latest)" -replace $TAGNAME ./dist/$TAGNAME ================================================ FILE: .github/workflows/release-tag.yaml ================================================ name: release tag on: push: tags: - "v[0-9]+.[0-9]+.[0-9]+" permissions: contents: write jobs: release: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up Go uses: actions/setup-go@v4 with: go-version: stable - name: Run GoReleaser uses: goreleaser/goreleaser-action@v5 with: distribution: goreleaser version: v1.23.0 args: release --clean env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} ================================================ FILE: .github/workflows/test.yaml ================================================ name: test on: push: branches: - "**" pull_request: {} jobs: lint: name: lint runs-on: ubuntu-latest strategy: matrix: go-version: [1.12.x, 1.13.x, 1.14.x, 1.15.x, 1.16.x, 1.17.x] steps: - uses: actions/setup-go@v3 with: go-version: ${{ matrix.go-version }} - name: checkout uses: actions/checkout@v3 - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: version: v1.45.2 test: name: go test runs-on: ubuntu-latest strategy: matrix: go-version: [1.12.x, 1.13.x, 1.14.x, 1.15.x, 1.16.x, 1.17.x] steps: - name: Set up Go uses: actions/setup-go@v3 with: version: ${{ matrix.go-version }} - name: checkout uses: actions/checkout@v3 - name: Run go tests env: GO111MODULE: on run: | go test ./... -v ================================================ FILE: .gitignore ================================================ # Binaries for programs and plugins /tinet *.exe *.exe~ *.dll *.so *.dylib # Test binary, built with `go test -c` *.test # Output of the go coverage tool, specifically when used with LiteIDE *.out # Dependency directories (remove the comment below to include it) # vendor/ *.swp *~ ================================================ FILE: .goreleaser.yml ================================================ version: 1 before: hooks: - go mod tidy builds: - env: - CGO_ENABLED=0 ldflags: - -s -w - -X main.Version={{.Version}} goos: - linux goarch: - amd64 - arm64 archives: - format: binary name_template: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}" changelog: sort: asc use: github-native ================================================ FILE: Dockerfiles/centos7/Dockerfile ================================================ FROM centos:centos7 RUN yum -y install git autoconf automake libtool make \ readline-devel texinfo net-snmp-devel groff pkgconfig \ json-c-devel pam-devel bison flex pytest c-ares-devel \ python-devel systemd-devel python-sphinx libcap-devel \ sudo iproute traceroute iputils bash-completion tcpdump \ wireshark gdb wget vim libunwind libunwind-devel \ iptables-services ================================================ FILE: Dockerfiles/centos7/build.sh ================================================ #!/bin/sh -xe IMG=tinet/centos:centos7 docker build -t $IMG . ================================================ FILE: Dockerfiles/cloudvpn/Dockerfile ================================================ FROM tinet/centos:centos7 RUN yum -y install https://rpm.frrouting.org/repo/frr-stable-repo-1-0.el7.noarch.rpm \ && yum -y install frr-7.3.1-01.el7.x86_64 frr-pythontools \ && yum -y install https://download.libreswan.org/binaries/rhel/7/x86_64/libreswan-3.32-1.el7.x86_64.rpm ================================================ FILE: Dockerfiles/cloudvpn/build.sh ================================================ #!/bin/sh -xe IMG=tinet/cloudvpn docker build -t $IMG . ================================================ FILE: Dockerfiles/ebpf/Dockerfile ================================================ FROM ubuntu:rolling ARG LIBBPF_VERSION="0.8.0" ARG IPROUTE2_VERSION="5.18.0" ARG BPFTOOL_VERSION="6.8.0" RUN apt-get update RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \ vim curl git gcc make flex bison clang-12 libbsd-dev libbfd-dev libcap-dev \ libelf-dev gcc-multilib pkg-config linux-tools-`uname -r` RUN ln -s /usr/bin/clang-12 /usr/bin/clang WORKDIR /opt ADD https://github.com/libbpf/libbpf/archive/refs/tags/v${LIBBPF_VERSION}.tar.gz . RUN tar xvf v${LIBBPF_VERSION}.tar.gz RUN cd libbpf-${LIBBPF_VERSION}/src && make install BUILD_STATIC_ONLY=1 && make install_pkgconfig RUN rm -rf libbpf-${LIBBPF_VERSION} v${LIBBPF_VERSION}.tar.gz ADD https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/snapshot/iproute2-${IPROUTE2_VERSION}.tar.gz . RUN tar xvf iproute2-${IPROUTE2_VERSION}.tar.gz RUN cd iproute2-${IPROUTE2_VERSION} && ./configure --libbpf_force=on --libbpf_dir=/ && make install RUN rm -rf iproute2-${IPROUTE2_VERSION} iproute2-${IPROUTE2_VERSION}.tar.gz ADD filter.c . ADD build_and_attach.sh . ADD detach.sh . ================================================ FILE: Dockerfiles/ebpf/Makefile ================================================ IMG=tinynetwork/ebpf:develop build: docker build -t $(IMG) . push: docker push $(IMG) all: build push run: docker run --rm -it $(IMG) bash ================================================ FILE: Dockerfiles/ebpf/README.md ================================================ # Usage ``` docker build -t demo:latest . docker run -it --rm --privileged demo:latest bash ./build_and_attach.sh bpftool map dump name pkt_counter_egr bpftool map dump name pkt_counter_ing bpftool map event_pipe name pkt_counter_eve # make some traffic on eth0 ``` ================================================ FILE: Dockerfiles/ebpf/build_and_attach.sh ================================================ #!/bin/bash -xe clang -target bpf -O3 -g -c filter.c tc qdisc del dev eth0 clsact || true tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress bpf obj filter.o section tc-ingress tc filter add dev eth0 egress bpf obj filter.o section tc-egress ================================================ FILE: Dockerfiles/ebpf/detach.sh ================================================ #!/bin/bash -xe tc qdisc del dev eth0 clsact ================================================ FILE: Dockerfiles/ebpf/filter.c ================================================ #include #include #include struct { __uint(type, BPF_MAP_TYPE_PERCPU_ARRAY); __uint(max_entries, 1); __type(key, int); __type(value, int); } pkt_counter_ingress SEC(".maps"); struct { __uint(type, BPF_MAP_TYPE_PERCPU_ARRAY); __uint(max_entries, 1); __type(key, int); __type(value, int); } pkt_counter_egress SEC(".maps"); struct { __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY); __uint(key_size, sizeof(int)); __uint(value_size, sizeof(int)); } pkt_counter_events SEC(".maps"); static __inline int count_packets(struct __sk_buff *skb, void *map) { int key = 0; int *val = bpf_map_lookup_elem(map, &key); if (val == NULL) { return TC_ACT_SHOT; } *val = *val + 1; int msg = 0xefbeadde; bpf_perf_event_output(skb, &pkt_counter_events, BPF_F_CURRENT_CPU, &msg, sizeof(msg)); return TC_ACT_OK; } SEC("tc-ingress") int count_packets_ingress(struct __sk_buff *skb) { return count_packets(skb, &pkt_counter_ingress); } SEC("tc-egress") int count_packets_egress(struct __sk_buff *skb) { return count_packets(skb, &pkt_counter_egress); } char __license[] SEC("license") = "GPL"; ================================================ FILE: Dockerfiles/frr/Dockerfile ================================================ FROM frr-ubuntu20:latest USER root RUN mkdir -p /etc/frr COPY daemons /etc/frr/daemons RUN apt install -y vim tcpdump ================================================ FILE: Dockerfiles/frr/Makefile ================================================ IMG=tinynetwork/frr:develop build: docker build -t $(IMG) . push: docker push $(IMG) all: build push run: docker run --rm -it --privileged $(IMG) bash ================================================ FILE: Dockerfiles/frr/daemons ================================================ zebra=yes bgpd=yes ospfd=no ospf6d=no ripd=no ripngd=no isisd=no pimd=no ldpd=no nhrpd=no eigrpd=no babeld=no sharpd=yes pbrd=no bfdd=no ================================================ FILE: Dockerfiles/nginx/Dockerfile ================================================ FROM nginx RUN apt -y update -y && apt -y install iproute2 RUN apt update -y && apt install -y tcpdump netcat iperf3 watch file xxd psutils vim ENTRYPOINT bash ================================================ FILE: Dockerfiles/nginx/Makefile ================================================ IMG=tinynetwork/nginx:develop build: docker build -t $(IMG) . push: docker push $(IMG) all: build push run: docker run --rm -it $(IMG) bash ================================================ FILE: Dockerfiles/pmacctd/Dockerfile ================================================ FROM peterevans/vegeta as vegeta FROM pmacct/pmacctd:v1.7.6 RUN apt update -y && apt install -y tcpdump netcat iperf3 watch file xxd psutils vim RUN apt install -y nfdump jq RUN apt install -y curl COPY --from=vegeta /bin/vegeta /bin/vegeta ENTRYPOINT bash ================================================ FILE: Dockerfiles/pmacctd/Makefile ================================================ IMG=tinynetwork/pmacctd:develop build: docker build -t $(IMG) . push: docker push $(IMG) all: build push run: docker run --rm -it $(IMG) bash ================================================ FILE: Dockerfiles/trex/Dockerfile ================================================ FROM quay.io/centos/centos:stream8 ARG TREX_VERSION=3.04 ENV TREX_VERSION ${TREX_VERSION} RUN dnf install -y --nodocs \ git wget procps python3 vim python3-pip pciutils gettext \ https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \ && dnf clean all \ && dnf install -y --nodocs \ hostname iproute net-tools ethtool nmap iputils perf numactl \ sysstat htop rdma-core-devel libibverbs libibverbs-devel net-tools \ && dnf clean all WORKDIR /opt/ RUN wget --no-check-certificate https://trex-tgn.cisco.com/trex/release/v${TREX_VERSION}.tar.gz && \ tar -xzf v${TREX_VERSION}.tar.gz && \ mv v${TREX_VERSION} trex && \ rm v${TREX_VERSION}.tar.gz WORKDIR /opt/trex ================================================ FILE: Dockerfiles/trex/Makefile ================================================ IMG=tinynetwork/trex:develop build: docker build -t $(IMG) . push: docker push $(IMG) all: build push ================================================ FILE: LICENSE ================================================ Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [2020] [ak1ra24] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ================================================ FILE: Makefile ================================================ VERSION = $$(gobump show -r cmd) export GO111MODULE=on .PHONY: deps deps: go get -u -d go mod tidy .PHONY: devel-deps devel-deps: go get -v \ github.com/x-motemen/gobump/cmd/gobump \ github.com/Songmu/ghch/cmd/ghch \ github.com/Songmu/goxz/cmd/goxz \ github.com/tcnksm/ghr \ github.com/golangci/golangci-lint/cmd/golangci-lint .PHONY: test test: go test -v ./... .PHONY: lint lint: devel-deps golangci-lint run .PHONY: build build: deps go build -o tn .PHONY: install install: deps go install .PHONY: release release: devel-deps echo ghr -n=v$(VERSION) -b="$($GOPATH/bin/ghch -F markdown --latest)" -draft v$(VERSION) ./dist/v$(VERSION) .PHONY: crossbuild crossbuild: devel-deps goxz -pv=$(VERSION) -os=linux -arch=amd64 -d=./dist/v$(VERSION) ================================================ FILE: README.md ================================================ # tinet ![test](https://github.com/tinynetwork/tinet/workflows/test/badge.svg) ![release](https://github.com/tinynetwork/tinet/workflows/release/badge.svg) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](LICENSE) [![Go Report Card](https://goreportcard.com/badge/github.com/tinynetwork/tinet)](https://goreportcard.com/report/github.com/tinynetwork/tinet) An instant virtual network on your laptop with light-weight virtualization. Here we introduce the Container Network Simulation tools. Users can generate, from the YAML configuration file, the script to build the L2 container network. Quickstart guide is provided in QUICKSTART.md. It is tested on Ubuntu 16.04 LTS and later. ## Requirements - Docker - OpenvSwitch (optional) - graphviz (optional) ## Quick Install There is only linux_amd64 pre-built binary ``` curl -Lo /usr/bin/tinet https://github.com/tinynetwork/tinet/releases/download/v0.0.3/tinet.linux_amd64 chmod +x /usr/bin/tinet tinet --version ``` for ubuntu user ``` sudo apt update sudo apt install -y linux-image-extra-virtual sudo reboot ``` upgrading the kernel ``` $ sudo apt list "linux-image-5.15.*-generic" linux-image-5.15.0-33-generic/focal-updates,focal-security 5.15.0-33.34~20.04.1 amd64 $ sudo apt install linux-image-5.15.0-33-generic linux-modules-5.15.0-33-generic linux-modules-extra-5.15.0-33-generic $ sudo reboot ``` ``` $ sudo grep 'menuentry ' $(sudo find /boot -name "grub.cfg") | cut -f 2 -d "'" | nl -v 0 0 Ubuntu 1 Ubuntu, with Linux 5.15.0-33-generic 2 Ubuntu, with Linux 5.15.0-33-generic (recovery mode) 3 Ubuntu, with Linux 5.4.0-113-generic 4 Ubuntu, with Linux 5.4.0-113-generic (recovery mode) $ sudo grub-set-default 3 $ sudo reboot ``` ## Build ``` git clone https://github.com/tinynetwork/tinet tinet && cd $_ docker run --rm -i -t -v $PWD:/v -w /v golang:1.12 go build mv tinet /usr/local/bin ``` ## Usage ``` tinet up -c spec.yaml | sudo sh -x tinet conf -c spec.yaml | sudo sh -x tinet test -c spec.yaml | sudo sh -x tinet down -c spec.yaml | sudo sh -x docker run -it --rm --privileged --net=container:R1 nicolaka/netshoot bash ``` ## Command Options ``` # tinet NAME: tinet - tinet: Tiny Network USAGE: tinet [global options] command [command options] [arguments...] VERSION: 0.0.1 (rev:) AUTHOR: ak1ra24 COMMANDS: check check config conf configure Node from tinet config file down Down Node from tinet config file exec Execute Command on Node from tinet config file. img visualize network topology by graphviz from tinet config file init Generate tinet config template file ps docker and netns process pull Pull Node docker image from tinet config file reconf Stop, remove, create, start and config reup Stop, remove, create, start test Execute test commands from tinet config file. up create Node from tinet config file upconf Create, start and config help, h Shows a list of commands or help for one command GLOBAL OPTIONS: --help, -h show help (default: false) --version, -v print the version (default: false) ``` ## Contribute Simply fork and create a pull-request. We'll try to respond in a timely fashion. ## Links - [Command Line Usage Example](docs/command-line-usage-example.md) - [YAML Format](docs/specification_yml.md) ================================================ FILE: cheatsheet.md ================================================ # Cheatsheet ## Linux Networking ``` # ip route add 10.0.0.0/24 encap seg6 mode encap segs a::,b::,c::,d:: via 2001:db8::1 # ip route add 10.0.0.0/24 encap seg6 mode l2encap segs a::,b::,c::,d:: via 2001:db8::1 # ip route add 10.0.0.0/24 encap seg6 mode inline segs a::,b::,c::,d:: via 2001:db8::1 # ip -6 route add fc00::1/128 encap seg6local \ action End via 2001:db8::1 action End.X nh6 fc00::1:1 via 2001:db8::1 action End.T table 100 via 2001:db8::1 action End.DX2 oif lxcbr0 via 2001:db8::1 action End.DX4 nh4 10.0.3.254 via 2001:db8::1 action End.DT4 vrftable 100 via 2001:db8::1 action End.DX6 nh6 fc00::1:1 via 2001:db8::1 action End.DT6 table 100 via 2001:db8::1 ``` ## VPP Networking ``` vpp> sr policy add bsid cafe::10 next fc00:2::10 fib-table 0 vpp> sr steer l3 192.168.1.0/24 via bsid cafe::10 fib-table 10 vpp> sr steer l2 host-net2 via bsid cafe::10 vpp> set sr encaps source addr fc00:1:: vpp> sr localsid address fc00:1:: behavior end vpp> sr localsid address fc00:1::10 behavior end.dt4 10 vpp> sr localsid address fc00:1::10 behavior end.dx2 host-net2 ``` ================================================ FILE: command_func.go ================================================ package main import ( "fmt" "log" "os" "strings" "github.com/emicklei/dot" "github.com/spf13/viper" "github.com/tinynetwork/tinet/internal/pkg/shell" "github.com/tinynetwork/tinet/internal/pkg/utils" "github.com/urfave/cli/v2" ) type linkstatus struct { leftNodeName string leftInfName string leftIsSet bool leftNodeType string rightNodeName string rightInfName string rightIsSet bool rightNodeType string } func LoadCfg(c *cli.Context) (tnconfig shell.Tn, verbose bool, err error) { cfgFile := c.String("config") verbose = c.Bool("verbose") if cfgFile != "" { viper.SetConfigFile(cfgFile) viper.SetConfigType("yaml") if err = viper.ReadInConfig(); err != nil { return tnconfig, verbose, err } if err = viper.Unmarshal(&tnconfig); err != nil { return tnconfig, verbose, err } } else { err = fmt.Errorf("not set config file.") return tnconfig, verbose, err } return tnconfig, verbose, nil } func CmdBuild(c *cli.Context) error { tnconfig, _, err := LoadCfg(c) if err != nil { return err } nodes := tnconfig.Nodes for _, node := range nodes { buildCmd := node.BuildCmd() fmt.Fprint(os.Stdout, buildCmd) } return nil } func CmdCheck(c *cli.Context) error { tnconfig, _, err := LoadCfg(c) if err != nil { return err } nodes := tnconfig.Nodes bridges := tnconfig.Switches confmap := map[string]string{} for _, node := range nodes { for _, inf := range node.Interfaces { if inf.Type == "direct" { host := node.Name + ":" + inf.Name peer := strings.Split(inf.Args, "#") target := peer[0] + ":" + peer[1] confmap[host] = target } else if inf.Type == "bridge" { host := node.Name + ":" + inf.Name target := inf.Args + ":" + node.Name confmap[host] = target } } } for _, bridge := range bridges { for _, inf := range bridge.Interfaces { host := bridge.Name + ":" + inf.Args target := inf.Args + ":" + inf.Name confmap[host] = target } } var matchNum int falseConfigMap := map[string]string{} for key, value := range confmap { if confmap[key] == value && confmap[value] == key { matchNum++ } else { falseConfigMap[key] = value } } if len(confmap) == matchNum { return nil } else { var errMsg string for key, value := range falseConfigMap { errMsg += fmt.Sprintf("%s<->%s\n", key, value) } return fmt.Errorf(errMsg) } } func CmdUp(c *cli.Context) error { tnconfig, verbose, err := LoadCfg(c) if err != nil { return err } if len(tnconfig.PreCmd) != 0 { for _, preCmds := range tnconfig.PreCmd { preExecCmds := shell.ExecCmd(preCmds.Cmds) utils.PrintCmds(os.Stdout, preExecCmds, verbose) } } if len(tnconfig.PreInit) != 0 { for _, preInitCmds := range tnconfig.PreInit { preExecInitCmds := shell.ExecCmd(preInitCmds.Cmds) utils.PrintCmds(os.Stdout, preExecInitCmds, verbose) } } for _, node := range tnconfig.Nodes { createNodeCmds := node.CreateNode() utils.PrintCmds(os.Stdout, createNodeCmds, verbose) if node.Type != "netns" { mountDockerNetnsCmds := node.Mount_docker_netns() utils.PrintCmds(os.Stdout, mountDockerNetnsCmds, verbose) } } if len(tnconfig.Switches) != 0 { for _, bridge := range tnconfig.Switches { createSwitchCmds := bridge.CreateSwitch() utils.PrintCmds(os.Stdout, createSwitchCmds, verbose) } } var links []linkstatus for _, node := range tnconfig.Nodes { for _, inf := range node.Interfaces { if inf.Type == "direct" { rNodeArgs := strings.Split(inf.Args, "#") rNodeName := rNodeArgs[0] rInfName := rNodeArgs[1] peerFound := false for _, link := range links { if !link.rightIsSet { nodecheck := link.leftNodeName == rNodeName infcheck := link.leftInfName == rInfName if nodecheck && infcheck { link.rightNodeName = node.Name link.rightInfName = inf.Name link.rightNodeType = node.Type link.rightIsSet = true peerFound = true } } } if !peerFound { link := linkstatus{leftNodeName: node.Name, leftInfName: inf.Name, rightNodeName: rNodeName, rightInfName: rInfName} link.leftNodeType = node.Type link.leftIsSet = true links = append(links, link) n2nLinkCmds := inf.N2nLink(node.Name) utils.PrintCmds(os.Stdout, n2nLinkCmds, verbose) } if len(inf.Addr) != 0 { addrSetCmd := inf.AddrSet(node.Name) utils.PrintCmd(os.Stdout, addrSetCmd, verbose) } } else if inf.Type == "bridge" { s2nLinkCmds := inf.S2nLink(node.Name) utils.PrintCmds(os.Stdout, s2nLinkCmds, verbose) } else if inf.Type == "veth" { v2cLinkCmds := inf.V2cLink(node.Name) utils.PrintCmds(os.Stdout, v2cLinkCmds, verbose) } else if inf.Type == "phys" { p2cLinkCmds := inf.P2cLink(node.Name) utils.PrintCmds(os.Stdout, p2cLinkCmds, verbose) } else { err := fmt.Errorf("not supported interface type: %s", inf.Type) log.Fatal(err) } } } // check err = CmdCheck(c) if err != nil { return err } for _, node := range tnconfig.Nodes { if node.Type == "docker" || node.Type == "" { delNsCmd := node.DelNsCmd() utils.PrintCmd(os.Stdout, delNsCmd, verbose) mountTmplCmd, err := node.MountTmpl() utils.PrintCmds(os.Stdout, mountTmplCmd, verbose) if err != nil { return err } } } if len(tnconfig.PostInit) != 0 { for _, postInitCmds := range tnconfig.PostInit { postExecInitCmds := shell.ExecCmd(postInitCmds.Cmds) utils.PrintCmds(os.Stdout, postExecInitCmds, verbose) } } return nil } func CmdConf(c *cli.Context) error { tnconfig, verbose, err := LoadCfg(c) if err != nil { return err } nodeinfo := map[string]string{} for _, node := range tnconfig.Nodes { nodeinfo[node.Name] = node.Type } if len(tnconfig.PreConf) != 0 { for _, preConf := range tnconfig.PreConf { preConfCmds := shell.ExecCmd(preConf.Cmds) utils.PrintCmds(os.Stdout, preConfCmds, verbose) } } for _, nodeConfig := range tnconfig.NodeConfigs { execConfCmds := nodeConfig.ExecConf(nodeinfo[nodeConfig.Name]) for _, execConfCmd := range execConfCmds { utils.PrintCmd(os.Stdout, execConfCmd, verbose) } } return nil } func CmdUpConf(c *cli.Context) error { // create and start if err := CmdUp(c); err != nil { return err } // config if err := CmdConf(c); err != nil { return err } return nil } func CmdDown(c *cli.Context) error { tnconfig, verbose, err := LoadCfg(c) if err != nil { return err } for _, node := range tnconfig.Nodes { deleteNode := node.DeleteNode() utils.PrintCmds(os.Stdout, deleteNode, verbose) } for _, br := range tnconfig.Switches { delBrCmd := br.DeleteSwitch() utils.PrintCmd(os.Stdout, delBrCmd, verbose) } if len(tnconfig.PostFini) != 0 { for _, postFiniCmds := range tnconfig.PostFini { postExecFiniCmds := shell.ExecCmd(postFiniCmds.Cmds) utils.PrintCmds(os.Stdout, postExecFiniCmds, verbose) } } return nil } func CmdExec(c *cli.Context) error { tnconfig, verbose, err := LoadCfg(c) if err != nil { return err } execCmdArgs := c.Args().Slice() execCommand := tnconfig.Exec(execCmdArgs[0], execCmdArgs[1:]) utils.PrintCmd(os.Stdout, execCommand, verbose) return nil } func CmdImg(c *cli.Context) error { format := c.String("format") tnconfig, _, err := LoadCfg(c) if err != nil { return err } g := dot.NewGraph(dot.Directed) for _, tnnode := range tnconfig.Nodes { nodeName := tnnode.Name fromNode := g.Node(nodeName) fromNode.Label(nodeName) ifaceInfos := tnnode.Interfaces for _, ifaceInfo := range ifaceInfos { var argsName string if ifaceInfo.Type == "direct" { argsName = strings.Split(ifaceInfo.Args, "#")[0] toNode := g.Node(argsName) findEdges := g.FindEdges(toNode, fromNode) if len(findEdges) == 0 { newEdge := g.Edge(fromNode, toNode) newEdge.Attr("arrowhead", "none") newEdge.Attr("labelfloat", "true") taillabel := "" if ifaceInfo.Label != "" { taillabel = fmt.Sprintf("%s(%s)", ifaceInfo.Name, ifaceInfo.Label) } else { taillabel = ifaceInfo.Name } newEdge.Attr("headlabel", strings.Split(ifaceInfo.Args, "#")[1]) newEdge.Attr("taillabel", taillabel) newEdge.Attr("fontsize", "8") } else { edge := findEdges[0] if ifaceInfo.Label != "" { headlabel := fmt.Sprintf("%s(%s)", edge.GetAttr("headlabel"), ifaceInfo.Label) edge.Attr("headlabel", headlabel) } } } else if ifaceInfo.Type == "bridge" { argsName = ifaceInfo.Args toNode := g.Node(argsName) findEdges := g.FindEdges(toNode, fromNode) if len(findEdges) == 0 { newEdge := g.Edge(fromNode, toNode) newEdge.Attr("arrowhead", "none") newEdge.Attr("labelfloat", "true") newEdge.Attr("headlabel", argsName) taillabel := "" if ifaceInfo.Label != "" { taillabel = fmt.Sprintf("%s(%s)", ifaceInfo.Name, ifaceInfo.Label) } else { taillabel = ifaceInfo.Name } newEdge.Attr("taillabel", taillabel) newEdge.Attr("fontsize", "8") } else { edge := findEdges[0] if ifaceInfo.Label != "" { headlabel := fmt.Sprintf("%s(%s)", edge.GetAttr("headlabel"), ifaceInfo.Label) edge.Attr("headlabel", headlabel) } } } } } if format == "mermaid" { fmt.Println(dot.MermaidGraph(g, dot.MermaidTopToBottom)) } else { fmt.Fprintln(os.Stdout, g.String()) } return nil } func CmdInit(c *cli.Context) error { tnConf, err := shell.GenerateFile() if err != nil { log.Fatal(err) } fmt.Fprintln(os.Stdout, tnConf) return nil } func CmdPs(c *cli.Context) error { all := c.Bool("all") fmt.Println("echo '---------------------------------------------------------------------------------'") fmt.Println("echo ' Docker Status '") fmt.Println("echo '---------------------------------------------------------------------------------'") dockerPsCmd := shell.DockerPs(all) fmt.Println(dockerPsCmd) fmt.Println("echo '---------------------------------------------------------------------------------'") fmt.Println("echo ' IP NETNS LIST '") fmt.Println("echo '---------------------------------------------------------------------------------'") netnsPsCmd := shell.NetnsPs() fmt.Println(netnsPsCmd) return nil } func CmdPull(c *cli.Context) error { tnconfig, verbose, err := LoadCfg(c) if err != nil { return err } pullCmds := shell.Pull(tnconfig.Nodes) utils.PrintCmds(os.Stdout, pullCmds, verbose) return nil } func CmdReConf(c *cli.Context) error { // stop, remove if err := CmdDown(c); err != nil { return err } // create and start if err := CmdUp(c); err != nil { return err } // config if err := CmdConf(c); err != nil { return err } return nil } func CmdReUp(c *cli.Context) error { // stop, remove if err := CmdDown(c); err != nil { return err } // create and start if err := CmdUp(c); err != nil { return err } return nil } func CmdTest(c *cli.Context) error { tnconfig, _, err := LoadCfg(c) if err != nil { return err } testName := c.Args().Get(0) var tnTestCmds []string if testName == "all" || testName == "" { for _, test := range tnconfig.Test { tnTestCmds = test.TnTestCmdExec() } } else { for _, test := range tnconfig.Test { if testName == test.Name { tnTestCmds = test.TnTestCmdExec() } } } if len(tnTestCmds) == 0 { return fmt.Errorf("not found test name\n") } fmt.Fprintln(os.Stdout, strings.Join(tnTestCmds, "\n")) return nil } ================================================ FILE: commands.go ================================================ package main import "github.com/urfave/cli/v2" var commands = []*cli.Command{ commandBuild, commandCheck, commandConf, commandDown, commandExec, commandImg, commandInit, commandPs, commandPull, commandReConf, commandReUp, commandTest, commandUp, commandUpConf, } var commandBuild = &cli.Command{ Name: "build", Usage: "Build docker Image from tinet config file", Action: CmdBuild, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, &cli.BoolFlag{ Name: "verbose", Aliases: []string{"v"}, Usage: "Verbose", }, }, } var commandUp = &cli.Command{ Name: "up", Usage: "create Node from tinet config file", Action: CmdUp, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, &cli.BoolFlag{ Name: "verbose", Aliases: []string{"v"}, Usage: "Verbose", }, }, } var commandConf = &cli.Command{ Name: "conf", Usage: "configure Node from tinet config file", Action: CmdConf, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, &cli.BoolFlag{ Name: "verbose", Aliases: []string{"v"}, Usage: "Verbose", }, }, } var commandUpConf = &cli.Command{ Name: "upconf", Usage: "Create, start and config", Action: CmdUpConf, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, &cli.BoolFlag{ Name: "verbose", Aliases: []string{"v"}, Usage: "Verbose", }, }, } var commandDown = &cli.Command{ Name: "down", Usage: "Down Node from tinet config file", Action: CmdDown, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, &cli.BoolFlag{ Name: "verbose", Aliases: []string{"v"}, Usage: "Verbose", }, }, } var commandExec = &cli.Command{ Name: "exec", Usage: "Execute Command on Node from tinet config file.", Action: CmdExec, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, &cli.BoolFlag{ Name: "verbose", Aliases: []string{"v"}, Usage: "Verbose", }, }, } var commandImg = &cli.Command{ Name: "img", Usage: "visualize network topology by graphviz from tinet config file", Action: CmdImg, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, &cli.StringFlag{ Name: "format", Aliases: []string{"f"}, Usage: "Image output format", Value: "graphviz", }, }, } var commandInit = &cli.Command{ Name: "init", Usage: "Generate tinet config template file", Action: CmdInit, } var commandPs = &cli.Command{ Name: "ps", Usage: "docker and netns process", Action: CmdPs, Flags: []cli.Flag{ &cli.BoolFlag{ Name: "all", Aliases: []string{"a"}, Usage: "all docker and netns", }, }, } var commandPull = &cli.Command{ Name: "pull", Usage: "Pull Node docker image from tinet config file", Action: CmdPull, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, }, } var commandReConf = &cli.Command{ Name: "reconf", Usage: "Stop, remove, create, start and config", Action: CmdReConf, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, &cli.BoolFlag{ Name: "verbose", Aliases: []string{"v"}, Usage: "Verbose", }, }, } var commandReUp = &cli.Command{ Name: "reup", Usage: "Stop, remove, create, start", Action: CmdReUp, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, &cli.BoolFlag{ Name: "verbose", Aliases: []string{"v"}, Usage: "Verbose", }, }, } var commandTest = &cli.Command{ Name: "test", Usage: "Execute test commands from tinet config file.", Action: CmdTest, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, }, } var commandCheck = &cli.Command{ Name: "check", Usage: "check config", Action: CmdCheck, Flags: []cli.Flag{ &cli.StringFlag{ Name: "config", Aliases: []string{"c"}, Usage: "Specify the Config file.", Value: "spec.yaml", }, }, } ================================================ FILE: configs/spec_template.yaml ================================================ precmd: - cmds: - cmd: "" preinit: - cmds: - cmd: "" preconf: - cmds: - cmd: "" postinit: - cmds: - cmd: "" postfini: - cmds: - cmd: "" nodes: - name: "" type: "" net_base: "" image: "" interfaces: - name: "" type: "" args: "" addr: "" label: "" sysctls: [] switches: - name: "" interfaces: - name: "" type: "" args: "" addr: "" node_configs: - name: "" cmds: - cmd: "" test: - name: "" cmds: - cmd: "" ================================================ FILE: docs/command-line-usage-example.md ================================================ # Command Line Usage Example ## tn build That hasn't been implemented yet. ## tn check ``` ## Check link node to node tn check -c spec.yaml ``` ## tn conf ``` tn conf -c spec.yaml ## docker and netns exec config tn conf -c spec.yaml | sudo sh -x ``` ## tn down ``` tn down -c spec.yaml ## Remove docker container and netns tn conf -c spec.yaml | sudo sh -x ``` ## tn exec That hasn't been implemented yet. ## tn help ``` tn help tn -h ``` ## tn img ``` ## Output dot tn img -c spec.yaml ## Generate img file tn img -c spec.yaml | dot -Tpng > spec.png ``` ## tn init ``` ## Output tinet config template tn init ## Generate Tinet config file tn init > spec.yaml ``` ## tn print ``` tn print -c spec.yaml ``` ## tn ps ``` ## Output docker and netns info cmd tn ps -c spec.yaml ## Output docker and netns info tn ps -c spec.yaml | sudo sh -x ``` ## tn pull ``` tn pull -c spec.yaml ## Execute docker pull tn pull -c spec.yaml | sudo sh -x ``` ## tn reconf ``` tn reconf -c spec.yaml ## down, up, conf tn reconf -c spec.yaml | sudo sh -x ``` ## tn reup ``` tn reup -c spec.yaml ## down, up tn reup -c spec.yaml | sudo sh -x ``` ## tn up ``` tn up -c spec.yaml ## up tn up -c spec.yaml | sudo sh -x ``` ## tn upconf ``` tn upconf -c spec.yaml ## up, conf tn upconf -c spec.yaml | sudo sh -x ``` ## tn version ``` tn version ``` ================================================ FILE: docs/specification_yml.md ================================================ # Yaml Format ## Node Definition ### Node type - name: node name. It will be container-name or netns-name. - type: node type (default: docker) - docker: node is docker container - netns: node is just network namespace - image: specify docker-image - sysctls: set sysctls - mounts: mounts file/directory on the container - dns: set DNS resolver - dns_search: set DNS search domain ``` nodes: - name: Node0 image: ubuntu:18.04 - name: Node1 type: netns - name: Node2 build: . ``` ### Interface Definition - type - direct: p2p connect to other container - bridge: bridge connection - phys : host's network interface - addr: specify mac address ``` nodes: - name: Node0 image: ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R0#net1 } - { name: net0, type: bridge, args: B0 } - { name: eth0, type: phys } - { name: net0, type: direct, args: R1#net1, addr: 11:11:11:11:11:11 } ``` ### Bridge Definition If you use the bridge interface type, you need to define the Bridge-Instance. It'll be created as a linux bridge instance. - name: interface name - type: interface type, you must choose following. - docker: net-if of docker container - netns: net-if of network namespace - phys: host's network interface ``` bridges: - name: Bridge0 interfaces: - { name: net0, type: docker, args: R0 } - { name: net0, type: netns, args: NS0 } - { name: eth0, type: phys } ``` ## Config Definition - name: node name - cmds: shell command ``` node_configs: - name: Router1 cmds: - cmd: ip addr add 10.255.0.10/32 dev lo - cmd: ip addr add 10.0.0.10/24 dev net0 - copy: ./config.conf /usr/local/config.conf - name: Router0 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.255.0.1/32 dev lo - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: >- vtysh -c 'conf t' -c 'router bgp 100' -c ' bgp router-id 10.255.0.1' -c ' neighbor 10.0.0.10 remote-as 100' -c ' neighbor 10.0.0.20 remote-as 100' -c ' neighbor 10.0.0.30 remote-as 100' ``` ## Test Definition - name: test name, you can specify when you run `tn conf -n ` - cmds: same format of config definition ``` test: - name: p2p cmds: - cmd: docker exec S0 ping -c2 10.1.0.1 - cmd: docker exec S1 ping -c2 192.168.0.1 - cmd: docker exec S2 ping -c2 192.168.0.1 - cmd: docker exec S3 ping -c2 192.168.0.1 - name: remote cmds: - cmd: docker exec S0 ping -c2 10.1.0.1 - cmd: docker exec S1 ping -c2 192.168.0.1 - cmd: docker exec S2 ping -c2 192.168.0.1 - cmd: docker exec S3 ping -c2 192.168.0.1 ``` ## System Requirement Definition ``` require: - kernel_min: 4.11.0 - kernel_max: 4.15.0 - kmod: [ mpls_router, mpls_iptunnel, mpls_gso ] - kconfig: [ CONFIG_NET_L3_MASTER_DEV ] ``` ================================================ FILE: examples/bandwidth_tc/spec.yaml ================================================ nodes: - name: C1 image: ip6tables:test interfaces: - { name: net0, type: direct, args: R1#net0 } - name: C4 image: ip6tables:test interfaces: - { name: net0, type: direct, args: R1#net3 } - name: C2 image: ip6tables:test interfaces: - { name: net0, type: direct, args: R1#net1 } - name: C3 image: ip6tables:test interfaces: - { name: net0, type: direct, args: R1#net2 } - name: R1 image: ip6tables:test interfaces: - { name: net0, type: direct, args: C1#net0 } - { name: net1, type: direct, args: C2#net0 } - { name: net2, type: direct, args: C3#net0 } - { name: net3, type: direct, args: C4#net0 } node_configs: - name: C1 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route replace default via 10.0.0.1 - name: C4 cmds: - cmd: ip addr add 10.0.0.12/24 dev net0 - cmd: ip route replace default via 10.0.0.1 - name: C2 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip route replace default via 10.1.0.1 - name: C3 cmds: - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip route replace default via 10.2.0.1 - name: R1 cmds: - cmd: ip link add br0 type bridge - cmd: ip link set br0 up - cmd: ip addr add 10.0.0.1/24 dev br0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: ip addr add 10.2.0.1/24 dev net2 - cmd: ip link set net0 master br0 - cmd: ip link set net3 master br0 - cmd: tc qdisc add dev net0 root tbf limit 1Mb buffer 200Kb rate 1Mbps - cmd: tc qdisc add dev net2 root tbf limit 1Mb buffer 200Kb rate 1Mbps - cmd: ethtool -K net0 tso off gso off - cmd: ethtool -K net2 tso off gso off - cmd: tc qdisc replace dev net0 root netem delay 10ms - cmd: tc qdisc replace dev net1 root netem delay 10ms - cmd: tc qdisc replace dev net2 root netem delay 10ms - cmd: tc qdisc replace dev net3 root netem delay 10ms - cmd: sysctl -w net.ipv4.ip_forward=1 ================================================ FILE: examples/basic_bfd/spec.yaml ================================================ # http://www.asciiflow.com nodes: - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R4#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R4#net1 } - name: R4 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net1 } - { name: net1, type: direct, args: R3#net1 } node_configs: - name: R1 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.1/32' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.1/30' -c ' ip ospf bfd' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.5/30' -c ' ip ospf bfd' -c 'exit' -c 'router ospf' -c ' network 10.0.0.0/30 area 0' -c ' network 10.0.0.4/30 area 0' -c 'exit' - name: R2 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.2/32' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.2/30' -c ' ip ospf bfd' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.9/30' -c ' ip ospf bfd' -c 'exit' -c 'router ospf' -c ' network 10.0.0.0/30 area 0' -c ' network 10.0.0.8/30 area 0' -c 'exit' - name: R3 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.3/32' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.6/30' -c ' ip ospf bfd' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.13/30' -c ' ip ospf bfd' -c 'exit' -c 'router ospf' -c ' network 10.0.0.4/30 area 0' -c ' network 10.0.0.12/30 area 0' - name: R4 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.4/32' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.10/30' -c ' ip ospf bfd' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.14/30' -c ' ip ospf bfd' -c 'exit' -c 'router ospf' -c ' network 10.0.0.8/30 area 0' -c ' network 10.0.0.12/30 area 0' test: - cmds: ## P2P Link test - cmd: docker exec R1 ping -c2 10.0.0.2 - cmd: docker exec R1 ping -c2 10.0.0.6 - cmd: docker exec R2 ping -c2 10.0.0.1 - cmd: docker exec R2 ping -c2 10.0.0.10 - cmd: docker exec R3 ping -c2 10.0.0.5 - cmd: docker exec R3 ping -c2 10.0.0.14 - cmd: docker exec R4 ping -c2 10.0.0.9 - cmd: docker exec R4 ping -c2 10.0.0.13 ================================================ FILE: examples/basic_bgp/README.md ================================================ # BGP Playground ================================================ FILE: examples/basic_bgp/bgp_clos_evpn_vxlan/spec.yaml ================================================ # ref: https://www.apresiatac.jp/blog/201903121016/ nodes: - name: Spine1 image: akiranet24/frr interfaces: - { name: swp49, type: direct, args: Leaf1#swp49 } - { name: swp50, type: direct, args: Leaf2#swp49 } sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.lo.rp_filter=0 - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.seg6_enabled=1 - sysctl: net.ipv6.conf.default.seg6_enabled=1 - sysctl: net.ipv4.fib_multipath_hash_policy=1 - name: Spine2 image: akiranet24/frr interfaces: - { name: swp49, type: direct, args: Leaf1#swp50 } - { name: swp50, type: direct, args: Leaf2#swp50 } sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.lo.rp_filter=0 - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.seg6_enabled=1 - sysctl: net.ipv6.conf.default.seg6_enabled=1 - sysctl: net.ipv4.fib_multipath_hash_policy=1 - name: Leaf1 image: akiranet24/frr interfaces: - { name: swp49, type: direct, args: Spine1#swp49 } - { name: swp50, type: direct, args: Spine2#swp49 } - { name: swp1, type: direct, args: Vm1#net1 } sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.lo.rp_filter=0 - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.seg6_enabled=1 - sysctl: net.ipv6.conf.default.seg6_enabled=1 - sysctl: net.ipv4.fib_multipath_hash_policy=1 - name: Leaf2 image: akiranet24/frr interfaces: - { name: swp49, type: direct, args: Spine1#swp50 } - { name: swp50, type: direct, args: Spine2#swp50 } - { name: swp1, type: direct, args: Vm2#net1 } sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.lo.rp_filter=0 - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.seg6_enabled=1 - sysctl: net.ipv6.conf.default.seg6_enabled=1 - sysctl: net.ipv4.fib_multipath_hash_policy=1 - name: Vm1 image: akiranet24/frr interfaces: [ { name: net1, type: direct, args: Leaf1#swp1 } ] sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.lo.rp_filter=0 - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.seg6_enabled=1 - sysctl: net.ipv6.conf.default.seg6_enabled=1 - sysctl: net.ipv4.fib_multipath_hash_policy=1 - name: Vm2 image: akiranet24/frr interfaces: [ { name: net1, type: direct, args: Leaf2#swp1 } ] sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.lo.rp_filter=0 - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.forwarding=1 - sysctl: net.ipv6.conf.all.seg6_enabled=1 - sysctl: net.ipv6.conf.default.seg6_enabled=1 - sysctl: net.ipv4.fib_multipath_hash_policy=1 node_configs: - name: Spine1 cmds: - cmd: sed -i s/'#frr_profile="datacenter"'/'frr_profile="datacenter"'/ /etc/frr/daemons - cmd: /etc/init.d/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.0.0.1/32" -c "int swp49" -c "ipv6 nd ra-interval 10" -c "no ipv6 nd suppress-ra" -c "int swp50" -c "ipv6 nd ra-interval 10" -c "no ipv6 nd suppress-ra" -c "router bgp 65020" -c " bgp router-id 10.0.0.1" -c " bgp bestpath as-path multipath-relax" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC bfd" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor swp49 interface peer-group FABRIC" -c " neighbor swp50 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 10.0.0.1/32" -c " exit-address-family" -c " address-family l2vpn evpn" -c " neighbor FABRIC activate" -c " exit-address-family" - name: Spine2 cmds: - cmd: sed -i s/'#frr_profile="datacenter"'/'frr_profile="datacenter"'/ /etc/frr/daemons - cmd: /etc/init.d/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.0.0.2/32" -c "int swp49" -c "ipv6 nd ra-interval 10" -c "no ipv6 nd suppress-ra" -c "int swp50" -c "ipv6 nd ra-interval 10" -c "no ipv6 nd suppress-ra" -c "router bgp 65020" -c " bgp router-id 10.0.0.2" -c " bgp bestpath as-path multipath-relax" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC bfd" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor swp49 interface peer-group FABRIC" -c " neighbor swp50 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 10.0.0.2/32" -c " exit-address-family" -c " address-family l2vpn evpn" -c " neighbor FABRIC activate" -c " exit-address-family" - name: Leaf1 cmds: - cmd: sed -i s/'#frr_profile="datacenter"'/'frr_profile="datacenter"'/ /etc/frr/daemons - cmd: /etc/init.d/frr start - cmd: ip link add br0 type bridge vlan_filtering 1 - cmd: ip link add link swp1 name swp1.100 type vlan id 100 - cmd: ip link add vni-10100 type vxlan id 10100 local 10.0.0.11 remote 10.0.0.12 dstport 4789 nolearning - cmd: ip link set vni-10100 master br0 - cmd: ip link set swp1.100 master br0 - cmd: ip link set br0 up - cmd: ip link set vni-10100 up - cmd: ip link set swp1.100 up - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.0.0.11/32" -c "int swp49" -c "ipv6 nd ra-interval 10" -c "no ipv6 nd suppress-ra" -c "int swp50" -c "ipv6 nd ra-interval 10" -c "no ipv6 nd suppress-ra" -c "router bgp 65011" -c " bgp router-id 10.0.0.11" -c " bgp bestpath as-path multipath-relax" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC bfd" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor swp49 interface peer-group FABRIC" -c " neighbor swp50 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 10.0.0.11/32" -c " exit-address-family" -c " address-family l2vpn evpn" -c " neighbor FABRIC activate" -c " advertise-all-vni" -c " exit-address-family" - name: Leaf2 cmds: - cmd: sed -i s/'#frr_profile="datacenter"'/'frr_profile="datacenter"'/ /etc/frr/daemons - cmd: /etc/init.d/frr start - cmd: ip link add br0 type bridge vlan_filtering 1 - cmd: ip link add link swp1 name swp1.100 type vlan id 100 - cmd: ip link add vni-10100 type vxlan id 10100 local 10.0.0.12 remote 10.0.0.11 dstport 4789 nolearning - cmd: ip link set vni-10100 master br0 - cmd: ip link set swp1.100 master br0 - cmd: ip link set br0 up - cmd: ip link set vni-10100 up - cmd: ip link set swp1.100 up - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.0.0.12/32" -c "int swp49" -c "ipv6 nd ra-interval 10" -c "no ipv6 nd suppress-ra" -c "int swp50" -c "ipv6 nd ra-interval 10" -c "no ipv6 nd suppress-ra" -c "router bgp 65012" -c " bgp router-id 10.0.0.12" -c " bgp bestpath as-path multipath-relax" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC bfd" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor swp49 interface peer-group FABRIC" -c " neighbor swp50 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 10.0.0.12/32" -c " exit-address-family" -c " address-family l2vpn evpn" -c " neighbor FABRIC activate" -c " advertise-all-vni" -c " exit-address-family" - name: Vm1 cmds: - cmd: /etc/init.d/frr start - cmd: ip link add link net1 name net1.100 type vlan id 100 - cmd: ip addr add 172.16.100.10/24 dev net1.100 - cmd: ip link set net1.100 up - name: Vm2 cmds: - cmd: /etc/init.d/frr start - cmd: ip link add link net1 name net1.100 type vlan id 100 - cmd: ip addr add 172.16.100.20/24 dev net1.100 - cmd: ip link set net1.100 up test: - cmds: - cmd: docker exec Vm1 ping -c2 172.16.100.20 ================================================ FILE: examples/basic_bgp/graceful_restart/simple_ipv4_unicast/README.md ================================================ # Simple IPv4 unicast BGP-GR ``` $ tinet up -c spec.yaml | sudo sh $ docker exec -it R2 bash R2# tcpdump -nnli net0 # another shell $ tinet conf -c spec.yaml | sudo sh $ docker exec R1 pkill -9 bgpd ``` ================================================ FILE: examples/basic_bgp/graceful_restart/simple_ipv4_unicast/spec.yaml ================================================ nodes: - name: C1 image: alpine:latest interfaces: - { name: net1, type: direct, args: R1#net1 } - name: R1 image: frrouting/frr:v8.1.0 docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: C1#net1 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv4.ip_forward=1 - name: R2 image: frrouting/frr:v8.1.0 docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R1#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv4.ip_forward=1 node_configs: - name: R1 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'interface net0' -c ' ip address 10.255.0.1/16' -c '!' -c 'interface net1' -c ' ip address 192.168.10.1/16' -c '!' -c 'ip prefix-list PL1 permit 192.168.0.0/16' -c '!' -c 'route-map RM1 permit 10' -c ' match ip address prefix-list PL1' -c '!' -c 'router bgp 65001' -c ' no bgp ebgp-requires-policy' -c ' bgp router-id 10.255.0.1' -c ' bgp graceful-restart' -c ' bgp graceful-restart preserve-fw-state' -c ' bgp graceful-restart restart-time 1800' -c ' bgp graceful-restart stalepath-time 1800' -c ' neighbor 10.255.0.2 remote-as 65002' -c ' neighbor 10.255.0.2 route-map RM1 out' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' exit-address-family' - cmd: vtysh -c 'write mem' - name: R2 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'interface net0' -c ' ip address 10.255.0.2/16' -c '!' -c 'ip prefix-list PL1 permit 192.168.0.0/16' -c '!' -c 'route-map RM1 permit 10' -c ' match ip address prefix-list PL1' -c '!' -c 'router bgp 65002' -c ' no bgp ebgp-requires-policy' -c ' bgp router-id 10.255.0.2' -c ' bgp graceful-restart' -c ' bgp graceful-restart preserve-fw-state' -c ' bgp graceful-restart restart-time 1800' -c ' bgp graceful-restart stalepath-time 1800' -c ' neighbor 10.255.0.1 remote-as 65001' -c ' neighbor 10.255.0.1 route-map RM1 in' - cmd: vtysh -c 'write mem' - name: C1 cmds: - cmd: ip addr add 192.168.10.254/16 dev net1 - cmd: route add default gw 192.168.10.1 test: - cmds: - cmd: docker exec R1 ping -c2 192.168.10.254 - cmd: docker exec R2 ping -c2 192.168.10.254 ================================================ FILE: examples/basic_bgp/hv_bgp_dcn/README.md ================================================ # HV route advertisement study for BGP-DCN - [GOOD reference about routing-info manupulation by @ukinau](https://engineering.linecorp.com/ja/blog/openstack-summit-vancouver-2018-recap-2-2/) - [GOOD reference about proxy arp by @ukinau](https://qiita.com/ukinau/items/cb25588fb0c276a009dc) ![](topo.png) ``` docker exec TOR vtysh -c 'show bgp ipv4 unicast' BGP table version is 4, local router ID is 10.255.0.99, vrf id 0 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 1.1.1.1/32 0.0.0.0 0 32768 ? *> 10.0.0.11/32 dn1 0 0 65001 ? *> 10.0.0.12/32 dn1 0 0 65001 ? *> 10.0.0.13/32 dn1 0 0 65001 ? Displayed 4 routes and 4 total paths ``` ================================================ FILE: examples/basic_bgp/hv_bgp_dcn/spec.yaml ================================================ nodes: - name: TOR image: slankdev/frr interfaces: - { name: dn1, type: direct, args: HV1#up1 } - name: HV1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: TOR#dn1 } - { name: dn1, type: direct, args: VM1#net0 } - { name: dn2, type: direct, args: VM2#net0 } - { name: dn3, type: direct, args: VM3#net0 } - name: VM1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: HV1#dn1 } - name: VM2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: HV1#dn2 } - name: VM3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: HV1#dn3 } node_configs: - name: TOR cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: ip addr add 1.1.1.1/32 dev lo - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface dn1' -c ' ipv6 nd ra-interval 3' -c ' no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65099' -c ' bgp router-id 10.255.0.99' -c ' bgp bestpath as-path multipath-relax' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor dn1 interface peer-group PEER' -c '!' -c ' address-family ipv4 unicast' -c ' neighbor dn1 activate' -c ' redistribute connected' -c ' exit-address-family' - name: HV1 cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: ip addr add 10.0.0.1/24 dev dn1 - cmd: ip addr add 10.0.0.1/24 dev dn2 - cmd: ip addr add 10.0.0.1/24 dev dn3 - cmd: ip route add 10.0.0.11 dev dn1 - cmd: ip route add 10.0.0.12 dev dn2 - cmd: ip route add 10.0.0.13 dev dn3 - cmd: sysctl -w net.ipv4.conf.dn1.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.dn2.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.dn3.proxy_arp=1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface up1' -c ' ipv6 nd ra-interval 3' -c ' no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65001' -c ' bgp router-id 10.255.0.1' -c ' bgp bestpath as-path multipath-relax' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor up1 interface peer-group PEER' -c ' !' -c ' address-family ipv4 unicast' -c ' redistribute kernel route-map TO_TOR' -c ' neighbor up1 route-map TO_TOR out' -c ' exit-address-family' -c '!' -c 'route-map TO_TOR permit 1' -c 'match ip address prefix-len 32' -c 'exit' - name: VM1 cmds: - cmd: ip addr add 10.0.0.11/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: VM2 cmds: - cmd: ip addr add 10.0.0.12/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: VM3 cmds: - cmd: ip addr add 10.0.0.13/24 dev net0 - cmd: ip route add default via 10.0.0.1 ================================================ FILE: examples/basic_bgp/hv_bgp_dcn_isol/Makefile ================================================ sh: docker exec TOR vtysh -c 'show bgp ipv4 vpn' ================================================ FILE: examples/basic_bgp/hv_bgp_dcn_isol/README.md ================================================ # HV route advertisement study for BGP-DCN - [GOOD reference about routing-info manupulation by @ukinau](https://engineering.linecorp.com/ja/blog/openstack-summit-vancouver-2018-recap-2-2/) - [GOOD reference about proxy arp by @ukinau](https://qiita.com/ukinau/items/cb25588fb0c276a009dc) ![](topo.png) ``` docker exec TOR vtysh -c 'show bgp ipv4 unicast' BGP table version is 4, local router ID is 10.255.0.99, vrf id 0 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 1.1.1.1/32 0.0.0.0 0 32768 ? *> 10.0.0.11/32 dn1 0 0 65001 ? *> 10.0.0.12/32 dn1 0 0 65001 ? *> 10.0.0.13/32 dn1 0 0 65001 ? Displayed 4 routes and 4 total paths ``` ================================================ FILE: examples/basic_bgp/hv_bgp_dcn_isol/spec.yaml ================================================ nodes: - name: TOR # image: slankdev/frr-dev:latest image: slankdev/frr-dev:draft-ietf-bess-srv6-services interfaces: - { name: dn1, type: direct, args: HV1#up1 } - name: HV1 # image: slankdev/frr-dev:latest image: slankdev/frr-dev:draft-ietf-bess-srv6-services interfaces: - { name: up1, type: direct, args: TOR#dn1 } - { name: dn1, type: direct, args: VM1#net0 } - { name: dn2, type: direct, args: VM2#net0 } - { name: dn3, type: direct, args: VM3#net0 } - name: VM1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: HV1#dn1 } - name: VM2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: HV1#dn2 } - name: VM3 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: HV1#dn3 } node_configs: - name: TOR cmds: - cmd: sh -c "echo > /etc/frr/frr.conf" - cmd: sh -c "enable_seg6_router.py | sh" - cmd: ip addr add 1.1.1.1/32 dev lo - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'interface dn1' -c ' ipv6 nd ra-interval 3' -c ' no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65099' -c ' bgp router-id 10.255.0.99' -c ' no bgp default ipv4-unicast' -c ' bgp bestpath as-path multipath-relax' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor dn1 interface peer-group PEER' -c '!' -c ' address-family ipv4 vpn' -c ' neighbor PEER activate' -c ' exit-address-family' - name: HV1 cmds: - cmd: sh -c "echo > /etc/frr/frr.conf" - cmd: sh -c "enable_seg6_router.py | sh" - cmd: ip link add vrf1 type vrf table 10 - cmd: ip link set vrf1 up - cmd: ip link set dn1 vrf vrf1 - cmd: ip link set dn2 vrf vrf1 - cmd: ip link set dn3 vrf vrf1 - cmd: ip addr add 10.0.0.1/24 dev dn1 noprefixroute - cmd: ip addr add 10.0.0.1/24 dev dn2 noprefixroute - cmd: ip addr add 10.0.0.1/24 dev dn3 noprefixroute - cmd: ip route add 10.0.0.11 dev dn1 vrf vrf1 - cmd: ip route add 10.0.0.12 dev dn2 vrf vrf1 - cmd: ip route add 10.0.0.13 dev dn3 vrf vrf1 - cmd: sysctl -w net.ipv4.conf.dn1.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.dn2.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.dn3.proxy_arp=1 - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'interface up1' -c ' ipv6 nd ra-interval 3' -c ' no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65001' -c ' bgp router-id 10.255.0.1' -c ' no bgp default ipv4-unicast' -c ' bgp bestpath as-path multipath-relax' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor up1 interface peer-group PEER' -c ' !' -c ' address-family ipv4 vpn' -c ' neighbor PEER activate' -c ' segment-routing-ipv6' -c ' exit-address-family' -c '!' -c 'router bgp 65001 vrf vrf1' -c ' bgp router-id 10.255.0.1' -c ' bgp bestpath as-path multipath-relax' -c ' !' -c ' address-family ipv4 unicast' -c ' redistribute kernel' -c ' sid vpn export locator default' -c ' rd vpn export 65001:1' -c ' rt vpn both 100:1' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c '!' -c 'segment-routing-ipv6' -c ' encapsulation source-address 2001:1::' -c ' locator prefix 2001:1::/64' -c ' exit' -c '!' -c 'route-map TO_TOR permit 1' -c ' match ip address prefix-len 32' -c ' exit' - name: VM1 cmds: - cmd: ip addr add 10.0.0.11/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: VM2 cmds: - cmd: ip addr add 10.0.0.12/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: VM3 cmds: - cmd: ip addr add 10.0.0.13/24 dev net0 - cmd: ip route add default via 10.0.0.1 ================================================ FILE: examples/basic_bgp/local_pref/README.md ================================================ ![topology](topo.png "bgp") ================================================ FILE: examples/basic_bgp/local_pref/spec.yaml ================================================ nodes: - name: R1 image: frrouting/frr:latest docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: R4#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv4.ip_forward=1 - name: R2 image: frrouting/frr:latest docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R1#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv4.ip_forward=1 - name: R3 image: frrouting/frr:latest docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R5#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv4.ip_forward=1 - name: R4 image: frrouting/frr:latest docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R1#net2 } - { name: net1, type: direct, args: R5#net1 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv4.ip_forward=1 - name: R5 image: frrouting/frr:latest docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R3#net1 } - { name: net1, type: direct, args: R4#net1 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv4.ip_forward=1 node_configs: - name: R1 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: ip addr add 10.2.0.1/24 dev net2 - cmd: >- vtysh -c "conf t" -c "router bgp 65001" -c "no bgp ebgp-requires-policy" -c ' bgp router-id 1.1.1.1' -c "neighbor 10.0.0.2 remote-as 65002" -c "neighbor 10.1.0.2 remote-as 65003" -c "neighbor 10.2.0.2 remote-as 65004" -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' neighbor 10.2.0.2 route-map LOCAL_PREF200 in' -c ' exit-address-family' -c 'access-list 1 permit 10.11.0.0/24' -c 'route-map LOCAL_PREF200 permit 10' -c ' match ip address 1' -c ' set local-preference 200' -c ' exit' -c 'route-map LOCAL_PREF200 permit 20' -c '!' - name: R2 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: >- vtysh -c "conf t" -c "router bgp 65002" -c "no bgp ebgp-requires-policy" -c ' bgp router-id 1.1.1.2' -c "neighbor 10.0.0.1 remote-as 65001" -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' exit-address-family' -c '!' - name: R3 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip addr add 10.11.0.1/24 dev net1 - cmd: >- vtysh -c "conf t" -c "router bgp 65003" -c "no bgp ebgp-requires-policy" -c ' bgp router-id 1.1.1.3' -c "neighbor 10.1.0.1 remote-as 65001" -c "neighbor 10.11.0.2 remote-as 65005" -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' exit-address-family' -c '!' - name: R4 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip addr add 10.12.0.1/24 dev net1 - cmd: >- vtysh -c "conf t" -c "router bgp 65004" -c "no bgp ebgp-requires-policy" -c ' bgp router-id 1.1.1.4' -c "neighbor 10.2.0.1 remote-as 65001" -c "neighbor 10.12.0.2 remote-as 65005" -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' exit-address-family' -c '!' - name: R5 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: ip addr add 10.11.0.2/24 dev net0 - cmd: ip addr add 10.12.0.2/24 dev net1 - cmd: >- vtysh -c "conf t" -c "router bgp 65005" -c "no bgp ebgp-requires-policy" -c ' bgp router-id 1.1.1.5' -c "neighbor 10.11.0.1 remote-as 65003" -c "neighbor 10.12.0.1 remote-as 65004" -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' exit-address-family' -c '!' ================================================ FILE: examples/basic_bgp/mpbgp_ipv4_labeled_unicast/README.md ================================================ # MP-BGP labeled unicast example ``` bgp unnumbered ipv4-labeld-unicast enabled [R0]-----------------[R1] AS1 AS2 ``` ================================================ FILE: examples/basic_bgp/mpbgp_ipv4_labeled_unicast/spec.yaml ================================================ precmd: - cmds: - cmd: export IMAGE=slankdev/frr:centos-7-stable-7.0 nodes: - name: R0 image: $IMAGE interfaces: - { name: net0, type: direct, args: R1#net0 } - name: R1 image: $IMAGE interfaces: - { name: net0, type: direct, args: R0#net0 } node_configs: - name: R0 cmds: - cmd: sh -c 'enable_seg6_router.py | sh' - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 1" -c " bgp router-id 1.1.1.1" -c " no bgp default ipv4-unicast" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " redistribute kernel" -c " exit-address-family" -c " !" -c " address-family ipv4 labeled-unicast" -c " neighbor FABRIC activate" -c " exit-address-family" -c "!" - name: R1 cmds: - cmd: sh -c 'enable_seg6_router.py | sh' - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 2" -c " bgp router-id 2.2.2.2" -c " no bgp default ipv4-unicast" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " redistribute kernel" -c " exit-address-family" -c " !" -c " address-family ipv4 labeled-unicast" -c " neighbor FABRIC activate" -c " exit-address-family" -c "!" ================================================ FILE: examples/basic_bgp/path_attr/README.md ================================================ # BGP route-map playground (import-prefix-filter) ![](topo.png) ``` docker exec R3 vtysh -c 'show bgp ipv4 unicast' BGP table version is 1, local router ID is 10.255.0.3, vrf id 0 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.0.0.2/32 net0 0 65001 65002 i Displayed 1 routes and 1 total paths ``` ``` docker exec R4 vtysh -c 'show bgp ipv4 unicast' BGP table version is 3, local router ID is 10.255.0.4, vrf id 0 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.0.0.1/32 net0 0 65001 65002 i *> 10.0.0.2/32 net0 0 65001 65002 i *> 10.0.0.3/32 net0 0 65001 65002 i Displayed 3 routes and 3 total paths ``` ================================================ FILE: examples/basic_bgp/path_attr/spec.yaml ================================================ nodes: - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: R4#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net1 } - name: R4 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net2 } node_configs: - name: R1 cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface net0' -c 'ipv6 nd ra-interval 3' -c 'no ipv6 nd suppress-ra' -c 'interface net1' -c 'ipv6 nd ra-interval 3' -c 'no ipv6 nd suppress-ra' -c 'interface net2' -c 'ipv6 nd ra-interval 3' -c 'no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65001' -c ' bgp router-id 10.255.0.1' -c ' bgp bestpath as-path multipath-relax' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor net0 interface peer-group PEER' -c ' neighbor net1 interface peer-group PEER' -c ' neighbor net2 interface peer-group PEER' -c '!' -c ' address-family ipv4 unicast' -c ' neighbor net0 activate' -c ' exit-address-family' -c '!' -c 'ip prefix-list PREF1 seq 5 permit 10.0.0.1/32' -c 'ip prefix-list PREF2 seq 5 permit 10.0.0.2/32' -c 'ip prefix-list PREF3 seq 5 permit 10.0.0.3/32' - name: R2 cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface net0' -c 'ipv6 nd ra-interval 3' -c 'no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65002' -c ' bgp router-id 10.255.0.2' -c ' bgp bestpath as-path multipath-relax' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor net0 interface peer-group PEER' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.0.0.1/32 route-map COM1' -c ' network 10.0.0.2/32 route-map COM2' -c ' network 10.0.0.3/32 route-map COM3' -c ' exit-address-family' -c '!' -c 'ip prefix-list PREF1 seq 5 permit 10.0.0.1/32' -c 'ip prefix-list PREF2 seq 5 permit 10.0.0.2/32' -c 'ip prefix-list PREF3 seq 5 permit 10.0.0.3/32' -c '!' -c 'route-map COM1 permit 1' -c 'set community 65002:1' -c 'exit' -c 'route-map COM2 permit 1' -c 'set community 65002:2' -c 'exit' -c 'route-map COM3 permit 1' -c 'set community 65002:3' -c 'exit' - name: R3 cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface net0' -c 'ipv6 nd ra-interval 3' -c 'no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65003' -c ' bgp router-id 10.255.0.3' -c ' bgp bestpath as-path multipath-relax' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor net0 interface peer-group PEER' -c ' !' -c ' address-family ipv4 unicast' -c ' neighbor net0 route-map MAP1 in' -c ' exit-address-family' -c '!' -c 'route-map MAP1 permit 1' -c ' match ip address prefix-list PREF2' -c ' !match community 65002:2' -c ' exit' -c '!' -c 'ip prefix-list PREF1 seq 5 permit 10.0.0.1/32' -c 'ip prefix-list PREF2 seq 5 permit 10.0.0.2/32' -c 'ip prefix-list PREF3 seq 5 permit 10.0.0.3/32' - name: R4 cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'interface net0' -c 'ipv6 nd ra-interval 3' -c 'no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65004' -c ' bgp router-id 10.255.0.4' -c ' bgp bestpath as-path multipath-relax' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor net0 interface peer-group PEER' -c '!' -c 'ip prefix-list PREF1 seq 5 permit 10.0.0.1/32' -c 'ip prefix-list PREF2 seq 5 permit 10.0.0.2/32' -c 'ip prefix-list PREF3 seq 5 permit 10.0.0.3/32' ================================================ FILE: examples/basic_bgp/route_reflector/spec.yaml ================================================ # DESCRIPTION: # Basic iBGP RR test using and FRR # create reachability with loopback with OSPF # # INIT: # cns spec.yaml init | sudo sh # cns spec.yaml conf | sudo sh # cns spec.yaml test | sudo sh # FINI: # cns spec.yaml fini | sudo sh # TOPO: # 10.0.0.0/24 .1(net0) # B0----+-----------------+-----------------+------RR0(255.1.0.1) # | | | # |.10(net0) |.11(net0) |.12(net0) # R0(255.10.0.1) R1(255.11.0.1) R2(255.12.0.1) # |.1(net1) |.1(net1) |.1(net1) # | | | # |192.168.10.0/24 |192.168.11.0/24 |192.168.12.0/24 # | | | # |.2(net0) |.2(net0) |.2(net0) # C0 C1 C2 # nodes: - name: RR0 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - name: R0 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: C0#net0 } - name: C0 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R0#net1 } - name: R1 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: C1#net0 } - name: C1 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R1#net1 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: C2#net0 } - name: C2 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R2#net1 } switches: - name: B0 interfaces: - { name: net0, type: container, args: RR0 } - { name: net0, type: container, args: R0 } - { name: net0, type: container, args: R1 } - { name: net0, type: container, args: R2 } node_configs: - name: RR0 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: >- vtysh -c "conf t" -c "interface lo" -c "ip address 10.255.0.1/32" -c "exit" -c "interface net0" -c "ip address 10.0.0.1/24" -c "exit" -c "router ospf" -c " network 10.255.0.1/32 area 0" -c " network 10.0.0.0/24 area 0" -c "exit" -c "router bgp 100" -c " bgp router-id 10.255.0.1" -c " neighbor 10.255.0.10 remote-as 100" -c " neighbor 10.255.0.10 update-source lo" -c " neighbor 10.255.0.11 remote-as 100" -c " neighbor 10.255.0.11 update-source lo" -c " neighbor 10.255.0.12 remote-as 100" -c " neighbor 10.255.0.12 update-source lo" -c " address-family ipv4 unicast" -c " neighbor 10.255.0.10 route-reflector-client" -c " neighbor 10.255.0.11 route-reflector-client" -c " neighbor 10.255.0.12 route-reflector-client" -c " exit-address-family" -c "exit" - name: R0 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: >- vtysh -c "conf t" -c "interface lo" -c "ip address 10.255.0.10/32" -c "exit" -c "interface net0" -c "ip address 10.0.0.10/24" -c "exit" -c "interface net1" -c "ip address 192.168.10.1/24" -c "exit" -c "router ospf" -c " network 10.255.0.10/32 area 0" -c " network 10.0.0.0/24 area 0" -c "exit" -c "router bgp 100" -c " bgp router-id 10.255.0.10" -c " neighbor 10.255.0.1 remote-as 100" -c " neighbor 10.255.0.1 update-source lo" -c " network 192.168.10.0/24" -c "exit" - name: R1 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: >- vtysh -c "conf t" -c "interface lo" -c "ip address 10.255.0.11/32" -c "exit" -c "interface net0" -c "ip address 10.0.0.11/24" -c "exit" -c "interface net1" -c "ip address 192.168.11.1/24" -c "exit" -c "router ospf" -c " network 10.255.0.11/32 area 0" -c " network 10.0.0.0/24 area 0" -c "exit" -c "router bgp 100" -c " bgp router-id 10.255.0.11" -c " neighbor 10.255.0.1 remote-as 100" -c " neighbor 10.255.0.1 update-source lo" -c " network 192.168.11.0/24" -c "exit" - name: R2 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: >- vtysh -c "conf t" -c "interface lo" -c "ip address 10.255.0.12/32" -c "exit" -c "interface net0" -c "ip address 10.0.0.12/24" -c "exit" -c "interface net1" -c "ip address 192.168.12.1/24" -c "exit" -c "router ospf" -c " network 10.255.0.12/32 area 0" -c " network 10.0.0.0/24 area 0" -c "exit" -c "router bgp 100" -c " bgp router-id 10.255.0.12" -c " neighbor 10.255.0.1 remote-as 100" -c " neighbor 10.255.0.1 update-source lo" -c " network 192.168.12.0/24" -c "exit" - name: C0 cmds: - cmd: ip addr add 192.168.10.2/24 dev net0 - cmd: ip route del default - cmd: ip route add default via 192.168.10.1 - name: C1 cmds: - cmd: ip addr add 192.168.11.2/24 dev net0 - cmd: ip route del default - cmd: ip route add default via 192.168.11.1 - name: C2 cmds: - cmd: ip addr add 192.168.12.2/24 dev net0 - cmd: ip route del default - cmd: ip route add default via 192.168.12.1 test: - cmds: - cmd: docker exec RR0 ping -c2 10.255.0.1 - cmd: docker exec RR0 ping -c2 10.255.0.10 - cmd: docker exec RR0 ping -c2 10.255.0.11 - cmd: docker exec RR0 ping -c2 10.255.0.12 - cmd: docker exec C0 ping -c2 192.168.10.1 - cmd: docker exec C0 ping -c2 192.168.11.2 - cmd: docker exec C0 ping -c2 192.168.12.2 - cmd: docker exec C1 ping -c2 192.168.11.1 - cmd: docker exec C1 ping -c2 192.168.10.2 - cmd: docker exec C1 ping -c2 192.168.12.2 - cmd: docker exec C2 ping -c2 192.168.12.1 - cmd: docker exec C2 ping -c2 192.168.10.2 - cmd: docker exec C2 ping -c2 192.168.11.2 ================================================ FILE: examples/basic_bgp/route_server/spec.yaml ================================================ # DESCRIPTION: eBGP RS test # TOPO: # 10.0.0.0/24 .1(net0) # B0----+-----------------+-----------------+------RS1(10.255.0.1) # | | | # |.10(net0) |.11(net0) |.12(net0) # R1 R2 R3 # |.1(net1) |.1(net1) |.1(net1) # | | | # |192.168.1.0/24 |192.168.2.0/24 |192.168.3.0/24 # | | | # |.2(net0) |.2(net0) |.2(net0) # C1 C2 C3 nodes: - name: RS1 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: R1 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: C1#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: C1 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R1#net1 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: R2 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: C2#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: C2 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R2#net1 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: R3 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: C3#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: C3 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R3#net1 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 switches: - name: B0 interfaces: - { name: net0, type: container, args: RS1 } - { name: net0, type: container, args: R1 } - { name: net0, type: container, args: R2 } - { name: net0, type: container, args: R3 } node_configs: - name: RS1 cmds: - cmd: ip addr add 10.255.0.1/24 dev net0 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 1" -c " bgp router-id 10.255.0.1" -c " neighbor 10.255.0.11 remote-as 11" -c " neighbor 10.255.0.12 remote-as 12" -c " neighbor 10.255.0.13 remote-as 13" -c " !" -c " address-family ipv4 unicast" -c " neighbor 10.255.0.11 route-server-client" -c " neighbor 10.255.0.12 route-server-client" -c " neighbor 10.255.0.13 route-server-client" -c " !neighbor 10.255.0.11 next-hop-self" -c " !neighbor 10.255.0.12 next-hop-self" -c " !neighbor 10.255.0.13 next-hop-self" -c " exit-address-family" -c " !" -c " address-family ipv6 unicast" -c " neighbor 10.255.0.11 activate" -c " neighbor 10.255.0.12 activate" -c " neighbor 10.255.0.13 activate" -c " neighbor 10.255.0.11 route-server-client" -c " neighbor 10.255.0.12 route-server-client" -c " neighbor 10.255.0.13 route-server-client" -c " exit-address-family" -c "!" - name: R1 cmds: - cmd: ip addr add 10.255.0.11/24 dev net0 - cmd: ip addr add 192.168.11.1/24 dev net1 - cmd: ip -6 addr add 2001:11::1/64 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 11" -c " bgp router-id 10.255.0.11" -c " neighbor 10.255.0.1 remote-as 1" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " neighbor 10.255.0.1 activate" -c " exit-address-family" -c " !" -c " address-family ipv6 unicast" -c " redistribute connected" -c " neighbor 10.255.0.1 activate" -c " exit-address-family" -c "!" - name: R2 cmds: - cmd: ip addr add 10.255.0.12/24 dev net0 - cmd: ip addr add 192.168.12.1/24 dev net1 - cmd: ip -6 addr add 2001:12::1/64 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 12" -c " bgp router-id 10.255.0.12" -c " neighbor 10.255.0.1 remote-as 1" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " neighbor 10.255.0.1 activate" -c " exit-address-family" -c " !" -c " address-family ipv6 unicast" -c " redistribute connected" -c " neighbor 10.255.0.1 activate" -c " exit-address-family" -c "!" - name: R3 cmds: - cmd: ip addr add 10.255.0.13/24 dev net0 - cmd: ip addr add 192.168.13.1/24 dev net1 - cmd: ip -6 addr add 2001:13::1/64 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 13" -c " bgp router-id 10.255.0.13" -c " neighbor 10.255.0.1 remote-as 1" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " neighbor 10.255.0.1 activate" -c " exit-address-family" -c " !" -c " address-family ipv6 unicast" -c " redistribute connected" -c " neighbor 10.255.0.1 activate" -c " exit-address-family" -c "!" - name: C1 cmds: - cmd: ip addr add 192.168.11.2/24 dev net0 - cmd: ip route replace default via 192.168.11.1 - name: C2 cmds: - cmd: ip addr add 192.168.12.2/24 dev net0 - cmd: ip route replace default via 192.168.12.1 - name: C3 cmds: - cmd: ip addr add 192.168.13.2/24 dev net0 - cmd: ip route replace default via 192.168.13.1 ================================================ FILE: examples/basic_bgp/route_server_multihop/spec.yaml ================================================ nodes: - name: RS1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: S1#net0 } - name: S1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: RS1#net0 } - { name: net1, type: direct, args: R1#net0 } - { name: net2, type: direct, args: R2#net0 } - { name: net3, type: direct, args: R3#net0 } - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: S1#net1 } - { name: net1, type: direct, args: C1#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: S1#net2 } - { name: net1, type: direct, args: C2#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: S1#net3 } - { name: net1, type: direct, args: C3#net0 } - name: C1 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R1#net1 } - name: C2 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R2#net1 } - name: C3 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R3#net1 } node_configs: - name: RS1 cmds: - cmd: ip addr add 10.255.1.1/24 dev net0 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 1" -c " bgp router-id 1.1.1.1" -c " neighbor 10.255.1.2 remote-as 100" -c " neighbor 10.255.11.1 remote-as 11" -c " neighbor 10.255.11.1 ebgp-multihop 64" -c " neighbor 10.255.12.1 remote-as 12" -c " neighbor 10.255.12.1 ebgp-multihop 64" -c " neighbor 10.255.13.1 remote-as 13" -c " neighbor 10.255.13.1 ebgp-multihop 64" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" -c "!" - name: S1 cmds: - cmd: ip addr add 10.255.1.2/24 dev net0 - cmd: ip addr add 10.255.11.2/24 dev net1 - cmd: ip addr add 10.255.12.2/24 dev net2 - cmd: ip addr add 10.255.13.2/24 dev net3 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 100" -c " bgp router-id 100.100.100.100" -c " neighbor 10.255.1.1 remote-as 1" -c " neighbor 10.255.11.1 remote-as 11" -c " neighbor 10.255.12.1 remote-as 12" -c " neighbor 10.255.13.1 remote-as 13" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" -c "!" - name: R1 cmds: - cmd: ip addr add 10.255.11.1/24 dev net0 - cmd: ip addr add 192.168.11.1/24 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 11" -c " bgp router-id 11.11.11.11" -c " neighbor 10.255.11.2 remote-as 100" -c " neighbor 10.255.1.1 remote-as 1" -c " neighbor 10.255.1.1 ebgp-multihop 64" -c " neighbor 10.255.1.1 timer connect 1" -c " !" -c " address-family ipv4 unicast" -c " neighbor 10.255.11.2 prefix-list core-out out" -c " neighbor 10.255.11.2 prefix-list core-in in" -c " neighbor 10.255.1.1 prefix-list rs-out out" -c " neighbor 10.255.1.1 prefix-list rs-in in" -c " redistribute connected" -c " exit-address-family" -c "!" -c "ip prefix-list core-out permit 10.255.0.0/16 le 32" -c "ip prefix-list core-in permit 10.255.0.0/16 le 32" -c "ip prefix-list rs-out permit 192.168.0.0/16 le 32" -c "ip prefix-list rs-in permit 192.168.0.0/16 le 32" - name: R2 cmds: - cmd: ip addr add 10.255.12.1/24 dev net0 - cmd: ip addr add 192.168.12.1/24 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 12" -c " bgp router-id 12.12.12.12" -c " neighbor 10.255.12.2 remote-as 100" -c " neighbor 10.255.1.1 remote-as 1" -c " neighbor 10.255.1.1 ebgp-multihop 64" -c " neighbor 10.255.1.1 timer connect 1" -c " !" -c " address-family ipv4 unicast" -c " neighbor 10.255.12.2 prefix-list core-out out" -c " neighbor 10.255.12.2 prefix-list core-in in" -c " neighbor 10.255.1.1 prefix-list rs-out out" -c " neighbor 10.255.1.1 prefix-list rs-in in" -c " redistribute connected" -c " exit-address-family" -c "!" -c "ip prefix-list core-out permit 10.255.0.0/16 le 32" -c "ip prefix-list core-in permit 10.255.0.0/16 le 32" -c "ip prefix-list rs-out permit 192.168.0.0/16 le 32" -c "ip prefix-list rs-in permit 192.168.0.0/16 le 32" - name: R3 cmds: - cmd: ip addr add 10.255.13.1/24 dev net0 - cmd: ip addr add 192.168.13.1/24 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 13" -c " bgp router-id 13.13.13.13" -c " neighbor 10.255.13.2 remote-as 100" -c " neighbor 10.255.1.1 remote-as 1" -c " neighbor 10.255.1.1 ebgp-multihop 64" -c " neighbor 10.255.1.1 timer connect 1" -c " !" -c " address-family ipv4 unicast" -c " neighbor 10.255.13.2 prefix-list core-out out" -c " neighbor 10.255.13.2 prefix-list core-in in" -c " neighbor 10.255.1.1 prefix-list rs-out out" -c " neighbor 10.255.1.1 prefix-list rs-in in" -c " redistribute connected" -c " exit-address-family" -c "!" -c "ip prefix-list core-out permit 10.255.0.0/16 le 32" -c "ip prefix-list core-in permit 10.255.0.0/16 le 32" -c "ip prefix-list rs-out permit 192.168.0.0/16 le 32" -c "ip prefix-list rs-in permit 192.168.0.0/16 le 32" - name: C1 cmds: - cmd: ip addr add 192.168.11.2/24 dev net0 - cmd: ip route replace default via 192.168.11.1 - name: C2 cmds: - cmd: ip addr add 192.168.12.2/24 dev net0 - cmd: ip route replace default via 192.168.12.1 - name: C3 cmds: - cmd: ip addr add 192.168.13.2/24 dev net0 - cmd: ip route replace default via 192.168.13.1 ================================================ FILE: examples/basic_bgp/spec.yaml ================================================ nodes: - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } node_configs: - name: R1 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: >- vtysh -c "conf t" -c "router bgp 65001" -c "bgp router-id 10.255.0.1" -c "neighbor 10.0.0.2 remote-as 65002" - name: R2 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: >- vtysh -c "conf t" -c "router bgp 65002" -c "bgp router-id 10.255.0.2" -c "neighbor 10.0.0.1 remote-as 65001" ================================================ FILE: examples/basic_bgp/unnumbered/spec.yaml ================================================ nodes: - name: R1 image: frrouting/frr:v8.1.0 docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R2#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv4.ip_forward=1 - name: R2 image: frrouting/frr:v8.1.0 docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R1#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv4.ip_forward=1 node_configs: - name: R1 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'interface net0' -c ' ipv6 nd ra-interval 3' -c ' no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65001' -c ' bgp router-id 10.255.0.1' -c ' bgp bestpath as-path multipath-relax' -c ' no bgp ebgp-requires-policy' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor net0 interface peer-group PEER' -c ' !' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' exit-address-family' - name: R2 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'interface net0' -c ' ipv6 nd ra-interval 3' -c ' no ipv6 nd suppress-ra' -c '!' -c 'router bgp 65002' -c ' bgp router-id 10.255.0.2' -c ' bgp bestpath as-path multipath-relax' -c ' no bgp ebgp-requires-policy' -c ' neighbor PEER peer-group' -c ' neighbor PEER remote-as external' -c ' neighbor net0 interface peer-group PEER' -c ' !' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' exit-address-family' ================================================ FILE: examples/basic_bgp/vpnv4_mpls/README.md ================================================ # MP-BGP VPNv4 per-VRF w/ MPLS ![](./topo.png) references: configure example of vpnv4 as small set. https://gist.github.com/hkwi/5c116f05667a3abf43c7456fae32a529 setup ``` $ tn upconf | sudo sh ``` check vpn routes on R1 ``` $ docker exec R1 vtysh -c 'show bgp ipv4 vpn' BGP table version is 1, local router ID is 10.255.0.1, vrf id 0 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 65001:1 *> 20.1.0.0/24 0.0.0.0@6< 0 32768 ? UN=0.0.0.0 EC{100:1} label=80 type=bgp, subtype=5 Route Distinguisher: 65001:2 *> 20.3.0.0/24 0.0.0.0@7< 0 32768 ? UN=0.0.0.0 EC{100:2} label=81 type=bgp, subtype=5 Route Distinguisher: 65001:3 *> 20.5.0.0/24 0.0.0.0@8< 0 32768 ? UN=0.0.0.0 EC{100:1} label=82 type=bgp, subtype=5 Route Distinguisher: 65002:1 *> 20.2.0.0/24 10.0.0.2 0 0 65002 ? UN=10.0.0.2 EC{100:1} label=80 type=bgp, subtype=0 Route Distinguisher: 65002:2 *> 20.4.0.0/24 10.0.0.2 0 0 65002 ? UN=10.0.0.2 EC{100:2} label=81 type=bgp, subtype=0 Route Distinguisher: 65002:3 *> 20.6.0.0/24 10.0.0.2 0 0 65002 ? UN=10.0.0.2 EC{100:2} label=82 type=bgp, subtype=0 Displayed 6 routes and 6 total paths ``` check vrf's route on VRF1 on R1 (VPNv4 rt100:1) ``` docker exec R1 vtysh -c 'show ip route vrf vrf1' Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, > - selected route, * - FIB route VRF vrf1: C>* 20.1.0.0/24 is directly connected, net1, 00:01:37 B>* 20.2.0.0/24 [200/0] via 10.0.0.2, net0(vrf Default-IP-Routing-Table), label 80, 00:01:30 B>* 20.5.0.0/24 [200/0] is directly connected, net3(vrf vrf3), 00:01:37 ``` ================================================ FILE: examples/basic_bgp/vpnv4_mpls/spec.yaml ================================================ nodes: - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: C1#net0 } - { name: net2, type: direct, args: C3#net0 } - { name: net3, type: direct, args: C5#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: C2#net0 } - { name: net2, type: direct, args: C4#net0 } - { name: net3, type: direct, args: C6#net0 } - name: C1 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R1#net1 } ] - name: C2 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R2#net1 } ] - name: C3 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R1#net2 } ] - name: C4 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R2#net2 } ] - name: C5 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R1#net3 } ] - name: C6 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R2#net3 } ] node_configs: - name: R1 cmds: - cmd: sh -c 'echo 100000 > /proc/sys/net/mpls/platform_labels' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net0/input' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net1/input' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net2/input' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net3/input' - cmd: ip link add vrf1 type vrf table 10 - cmd: ip link set vrf1 up - cmd: ip link add vrf2 type vrf table 20 - cmd: ip link set vrf2 up - cmd: ip link add vrf3 type vrf table 30 - cmd: ip link set vrf3 up - cmd: ip link set net1 vrf vrf1 - cmd: ip link set net2 vrf vrf2 - cmd: ip link set net3 vrf vrf3 - cmd: tcpdump -ni net0 -w /tmp/R1.in.pcap & - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf te' -c 'int net0' -c ' ip address 10.0.0.1/24' -c '!' -c 'int net1 vrf vrf1' -c ' ip address 20.1.0.1/24' -c '!' -c 'int net2 vrf vrf2' -c ' ip address 20.3.0.1/24' -c '!' -c 'int net3 vrf vrf3' -c ' ip address 20.5.0.1/24' -c '!' -c 'router bgp 65001' -c ' bgp router-id 10.255.0.1' -c ' neighbor 10.0.0.2 remote-as 65002' -c ' !' -c ' address-family ipv4 unicast' -c ' neighbor 10.0.0.2 activate' -c ' redistribute connected' -c ' redistribute static' -c ' exit-address-family' -c ' !' -c ' address-family ipv4 vpn' -c ' neighbor 10.0.0.2 activate' -c ' exit-address-family' -c '!' -c 'router bgp 65001 vrf vrf1' -c ' address-family ipv4' -c ' export vpn' -c ' import vpn' -c ' rd vpn export 65001:1' -c ' rt vpn both 100:1' -c ' label vpn export auto' -c ' redistribute connected' -c ' exit-address-family' -c '!' -c 'router bgp 65001 vrf vrf2' -c ' address-family ipv4' -c ' export vpn' -c ' import vpn' -c ' rd vpn export 65001:2' -c ' rt vpn both 100:2' -c ' label vpn export auto' -c ' redistribute connected' -c ' exit-address-family' -c '!' -c 'router bgp 65001 vrf vrf3' -c ' address-family ipv4' -c ' export vpn' -c ' import vpn' -c ' rd vpn export 65001:3' -c ' rt vpn both 100:1' -c ' label vpn export auto' -c ' redistribute connected' -c ' exit-address-family' -c '!' - name: R2 cmds: - cmd: sh -c 'echo 100000 > /proc/sys/net/mpls/platform_labels' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net0/input' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net1/input' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net2/input' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net3/input' - cmd: ip link add vrf1 type vrf table 10 - cmd: ip link set vrf1 up - cmd: ip link add vrf2 type vrf table 20 - cmd: ip link set vrf2 up - cmd: ip link add vrf3 type vrf table 30 - cmd: ip link set vrf3 up - cmd: ip link set net1 vrf vrf1 - cmd: ip link set net2 vrf vrf2 - cmd: ip link set net3 vrf vrf3 - cmd: tcpdump -ni net0 -w /tmp/R2.in.pcap & - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf te' -c 'int net0' -c ' ip address 10.0.0.2/24' -c '!' -c 'int net1 vrf vrf1' -c ' ip address 20.2.0.1/24' -c '!' -c 'int net2 vrf vrf2' -c ' ip address 20.4.0.1/24' -c '!' -c 'int net3 vrf vrf3' -c ' ip address 20.6.0.1/24' -c '!' -c 'router bgp 65002' -c ' bgp router-id 10.255.0.2' -c ' neighbor 10.0.0.1 remote-as 65001' -c ' !' -c ' address-family ipv4' -c ' neighbor 10.0.0.1 activate' -c ' redistribute connected' -c ' redistribute static' -c ' exit-address-family' -c ' !' -c ' address-family ipv4 vpn' -c ' neighbor 10.0.0.1 activate' -c ' exit-address-family' -c '!' -c 'router bgp 65002 vrf vrf1' -c ' address-family ipv4' -c ' export vpn' -c ' import vpn' -c ' rd vpn export 65002:1' -c ' rt vpn both 100:1' -c ' label vpn export auto' -c ' redistribute connected' -c ' exit-address-family' -c '!' -c 'router bgp 65002 vrf vrf2' -c ' address-family ipv4' -c ' export vpn' -c ' import vpn' -c ' rd vpn export 65002:2' -c ' rt vpn both 100:2' -c ' label vpn export auto' -c ' redistribute connected' -c ' exit-address-family' -c '!' -c 'router bgp 65002 vrf vrf3' -c ' address-family ipv4' -c ' export vpn' -c ' import vpn' -c ' rd vpn export 65002:3' -c ' rt vpn both 100:2' -c ' label vpn export auto' -c ' redistribute connected' -c ' exit-address-family' -c '!' - name: C1 cmds: - cmd: ip addr replace 20.1.0.2/24 dev net0 - cmd: ip route replace default via 20.1.0.1 - name: C2 cmds: - cmd: ip addr replace 20.2.0.2/24 dev net0 - cmd: ip route replace default via 20.2.0.1 - name: C3 cmds: - cmd: ip addr replace 20.3.0.2/24 dev net0 - cmd: ip route replace default via 20.3.0.1 - name: C4 cmds: - cmd: ip addr replace 20.4.0.2/24 dev net0 - cmd: ip route replace default via 20.4.0.1 - name: C5 cmds: - cmd: ip addr replace 20.5.0.2/24 dev net0 - cmd: ip route replace default via 20.5.0.1 - name: C6 cmds: - cmd: ip addr replace 20.6.0.2/24 dev net0 - cmd: ip route replace default via 20.6.0.1 test: - name: p2p cmds: - cmd: echo slankdev slankdev - cmd: echo slankdev slankdev ================================================ FILE: examples/basic_bgp/vpnv4_srmpls/README.md ================================================ # MP-BGP VPNv4 per-VRF w/ SR-MPLS ![](./topo.png) setup ``` $ tn upconf | sudo sh ``` ================================================ FILE: examples/basic_bgp/vpnv4_srmpls/spec.yaml ================================================ preinit: - cmds: - cmd: modprobe mpls_router - cmd: modprobe mpls_gso - cmd: modprobe mpls_iptunnel nodes: - name: R1 image: frrouting/frr:v7.5.1 docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R4#net0 } - { name: net2, type: direct, args: HostA1#net0 } - { name: net3, type: direct, args: HostB1#net0 } - name: R2 image: frrouting/frr:v7.5.1 docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: R4#net1 } - name: R3 image: frrouting/frr:v7.5.1 docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R2#net1 } - { name: net1, type: direct, args: R4#net2 } - { name: net2, type: direct, args: HostA2#net0 } - { name: net3, type: direct, args: HostB2#net0 } - name: R4 image: frrouting/frr:v7.5.1 docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R2#net2 } - { name: net2, type: direct, args: R3#net1 } - name: HostA1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net2 } - name: HostA2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R3#net2 } - name: HostB1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net3 } - name: HostB2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R3#net3 } node_configs: - name: R1 cmds: - cmd: sed -i -e 's/bgpd=no/bgpd=yes/g' /etc/frr/daemons - cmd: sed -i -e 's/ospfd=no/ospfd=yes/g' /etc/frr/daemons - cmd: sed -i -e 's/pimd=no/pimd=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: sysctl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.conf.net1.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: ip link add CUST-A type vrf table 10 - cmd: ip link add CUST-B type vrf table 20 - cmd: ip link set CUST-A up - cmd: ip link set CUST-B up - cmd: ip link set net2 master CUST-A - cmd: ip link set net3 master CUST-B - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.1/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.1/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.9/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net2' -c ' ip address 192.168.0.1/24' -c 'exit' -c 'interface net3' -c ' ip address 192.168.0.1/24' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.1' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.1' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.1/32 index 1001' -c 'exit' -c 'router bgp 65000' -c ' neighbor 10.255.0.3 remote-as 65000' -c ' neighbor 10.255.0.3 update-source 10.255.0.1' -c ' address-family ipv4 vpn' -c ' neighbor 10.255.0.3 activate' -c ' exit-address-family' -c 'exit' -c 'router bgp 65000 vrf CUST-A' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65000:10' -c ' rt vpn both 65000:10' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' -c 'router bgp 65000 vrf CUST-B' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65000:20' -c ' rt vpn both 65000:20' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' - name: R2 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: sysctl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.conf.net1.input=1 - cmd: sysctl -w net.mpls.conf.net2.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.2/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.2/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.5/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net2' -c ' ip address 10.0.0.13/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.2' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.2' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.2/32 index 1002' -c 'exit' - name: R3 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: sysctl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.conf.net1.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: ip link add CUST-A type vrf table 10 - cmd: ip link add CUST-B type vrf table 20 - cmd: ip link set CUST-A up - cmd: ip link set CUST-B up - cmd: ip link set net2 master CUST-A - cmd: ip link set net3 master CUST-B - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.3/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.6/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.17/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net2' -c ' ip address 192.168.1.1/24' -c 'exit' -c 'interface net3' -c ' ip address 192.168.1.1/24' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.3' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.3' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.3/32 index 1003' -c 'exit' -c 'router bgp 65000' -c ' neighbor 10.255.0.1 remote-as 65000' -c ' neighbor 10.255.0.1 update-source 10.255.0.3' -c ' address-family ipv4 vpn' -c ' neighbor 10.255.0.1 activate' -c ' exit-address-family' -c 'exit' -c 'router bgp 65000 vrf CUST-A' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65000:10' -c ' rt vpn both 65000:10' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' -c 'router bgp 65000 vrf CUST-B' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65000:20' -c ' rt vpn both 65000:20' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' - name: R4 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: sysctl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.conf.net1.input=1 - cmd: sysctl -w net.mpls.conf.net2.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.4/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.10/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.14/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net2' -c ' ip address 10.0.0.18/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.4' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.4' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.4/32 index 1004' -c 'exit' - name: HostA1 cmds: - cmd: ip addr add 192.168.0.2/24 dev net0 - cmd: ip route add default via 192.168.0.1 - name: HostA2 cmds: - cmd: ip addr add 192.168.1.2/24 dev net0 - cmd: ip route add default via 192.168.1.1 - name: HostB1 cmds: - cmd: ip addr add 192.168.0.2/24 dev net0 - cmd: ip route add default via 192.168.0.1 - name: HostB2 cmds: - cmd: ip addr add 192.168.1.2/24 dev net0 - cmd: ip route add default via 192.168.1.1 test: - cmds: ## SR-MPLS Operation - cmd: docker exec R1 ip route add 10.255.0.3/32 encap mpls 17004/17003 via 10.0.0.2 - cmd: docker exec R3 ip route add 10.255.0.1/32 encap mpls 17002/17001 via 10.0.0.18 ## SR-MPLS Test - cmd: docker exec HostA1 ping -c2 192.168.1.2 ================================================ FILE: examples/basic_bgp/vpnv4_srmpls_interas_option-b/README.md ================================================ # MP-BGP VPNv4 per-VRF Inter-AS Option B w/ SR-MPLS ![](./topo.png) setup ``` $ tn upconf | sudo sh ``` ================================================ FILE: examples/basic_bgp/vpnv4_srmpls_interas_option-b/spec.yaml ================================================ preinit: - cmds: - cmd: modprobe mpls_router - cmd: modprobe mpls_gso - cmd: modprobe mpls_iptunnel nodes: ## AS65000 - name: ASBR1 image: frrouting/frr:v7.5.1 interfaces: - { name: net0, type: direct, args: ASBR2#net0 } - { name: net1, type: direct, args: P1#net0 } - name: P1 image: frrouting/frr:v7.5.1 interfaces: - { name: net0, type: direct, args: ASBR1#net1 } - { name: net1, type: direct, args: PE1#net0 } - name: PE1 image: frrouting/frr:v7.5.1 interfaces: - { name: net0, type: direct, args: P1#net1 } - { name: net1, type: direct, args: HostA1#net0 } - { name: net2, type: direct, args: HostB1#net0 } - name: HostA1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: PE1#net1 } - name: HostB1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: PE1#net2 } ## AS65001 - name: ASBR2 image: frrouting/frr:v7.5.1 interfaces: - { name: net0, type: direct, args: ASBR1#net0 } - { name: net1, type: direct, args: P2#net0 } - name: P2 image: frrouting/frr:v7.5.1 interfaces: - { name: net0, type: direct, args: ASBR2#net1 } - { name: net1, type: direct, args: PE2#net0 } - name: PE2 image: frrouting/frr:v7.5.1 interfaces: - { name: net0, type: direct, args: P2#net1 } - { name: net1, type: direct, args: HostA2#net0 } - { name: net2, type: direct, args: HostB2#net0 } - name: HostA2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: PE2#net1 } - name: HostB2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: PE2#net2 } node_configs: - name: ASBR1 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: systcl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.conf.net1.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: ip link add CUST-A type vrf table 10 - cmd: ip link add CUST-B type vrf table 20 - cmd: ip link set CUST-A up - cmd: ip link set CUST-B up - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.1/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 172.16.0.1/30' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.1/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.1' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.1' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.1/32 index 1001' -c 'exit' -c 'router bgp 65000' -c ' neighbor 10.255.0.3 remote-as 65000' -c ' neighbor 10.255.0.3 update-source 10.255.0.1' -c ' neighbor 172.16.0.2 remote-as 65001' -c ' neighbor 172.16.0.2 update-source 172.16.0.1' -c ' address-family ipv4 vpn' -c ' neighbor 10.255.0.3 activate' -c ' neighbor 10.255.0.3 next-hop-self' -c ' neighbor 172.16.0.2 activate' -c ' neighbor 172.16.0.2 route-map AS65001-IN in' -c ' neighbor 172.16.0.2 route-map AS65001-OUT out' -c ' exit-address-family' -c 'exit' -c 'router bgp 65000 vrf CUST-A' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65000:10' -c ' rt vpn both 65000:10' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' -c 'router bgp 65000 vrf CUST-B' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65000:20' -c ' rt vpn both 65000:20' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' -c 'bgp extcommunity-list 1 seq 1 permit rt 65000:10' -c 'bgp extcommunity-list 2 seq 1 permit rt 65000:20' -c 'route-map AS65001-IN permit 1' -c 'route-map AS65001-OUT permit 1' -c ' match extcommunity 1' -c ' set extcommunity rt 65001:10' -c 'route-map AS65001-OUT permit 2' -c ' match extcommunity 2' -c ' set extcommunity rt 65001:20' - name: P1 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: systcl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.conf.net1.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.2/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.2/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net1' -c ' ip address 10.0.0.5/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.2' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.2' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.2/32 index 1002' -c 'exit' - name: PE1 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: systcl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: ip link add CUST-A type vrf table 10 - cmd: ip link add CUST-B type vrf table 20 - cmd: ip link set CUST-A up - cmd: ip link set CUST-B up - cmd: ip link set net1 master CUST-A - cmd: ip link set net2 master CUST-B - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.3/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 10.0.0.6/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net1' -c ' ip address 192.168.0.1/24' -c 'exit' -c 'interface net2' -c ' ip address 192.168.0.1/24' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.3' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.3' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.3/32 index 1003' -c 'exit' -c 'router bgp 65000' -c ' neighbor 10.255.0.1 remote-as 65000' -c ' neighbor 10.255.0.1 update-source 10.255.0.3' -c ' address-family ipv4 vpn' -c ' neighbor 10.255.0.1 activate' -c ' exit-address-family' -c 'exit' -c 'router bgp 65000 vrf CUST-A' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65000:10' -c ' rt vpn both 65000:10' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' -c 'router bgp 65000 vrf CUST-B' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65000:20' -c ' rt vpn both 65000:20' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' - name: ASBR2 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: systcl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.conf.net1.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: ip link add CUST-A type vrf table 10 - cmd: ip link add CUST-B type vrf table 20 - cmd: ip link set CUST-A up - cmd: ip link set CUST-B up - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.1/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 172.16.0.2/30' -c 'exit' -c 'interface net1' -c ' ip address 10.0.1.1/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.1' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.1' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.1/32 index 1001' -c 'exit' -c 'router bgp 65001' -c ' neighbor 10.255.0.3 remote-as 65001' -c ' neighbor 10.255.0.3 update-source 10.255.0.1' -c ' neighbor 172.16.0.1 remote-as 65000' -c ' neighbor 172.16.0.1 update-source 172.16.0.2' -c ' address-family ipv4 vpn' -c ' neighbor 10.255.0.3 activate' -c ' neighbor 10.255.0.3 next-hop-self' -c ' neighbor 172.16.0.1 activate' -c ' neighbor 172.16.0.1 route-map AS65000-IN in' -c ' neighbor 172.16.0.1 route-map AS65000-OUT out' -c ' exit-address-family' -c 'exit' -c 'router bgp 65001 vrf CUST-A' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65001:10' -c ' rt vpn both 65001:10' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' -c 'router bgp 65001 vrf CUST-B' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65001:20' -c ' rt vpn both 65001:20' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' -c 'bgp extcommunity-list 1 seq 1 permit rt 65001:10' -c 'bgp extcommunity-list 2 seq 1 permit rt 65001:20' -c 'route-map AS65000-IN permit 1' -c 'route-map AS65000-OUT permit 1' -c ' match extcommunity 1' -c ' set extcommunity rt 65000:10' -c 'route-map AS65000-OUT permit 2' -c ' match extcommunity 2' -c ' set extcommunity rt 65000:20' - name: P2 cmds: - cmd: /usr/lib/fro/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: systcl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.conf.net1.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.2/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 10.0.1.2/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net1' -c ' ip address 10.0.1.5/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.2' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.2' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.2/32 index 1002' -c 'exit' - name: PE2 cmds: - cmd: /usr/lib/frr/frr start - cmd: sed -i -e 's/=no/=yes/g' /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh restart - cmd: sysctl -w net.ipv4.ip_forward=1 - cmd: systcl -w net.ipv4.conf.all.rp_filter=0 - cmd: sysctl -w net.mpls.conf.lo.input=1 - cmd: sysctl -w net.mpls.conf.net0.input=1 - cmd: sysctl -w net.mpls.platform_labels=1048575 - cmd: ip link add CUST-A type vrf table 10 - cmd: ip link add CUST-B type vrf table 20 - cmd: ip link set CUST-A up - cmd: ip link set CUST-B up - cmd: ip link set net1 master CUST-A - cmd: ip link set net2 master CUST-B - cmd: >- vtysh -c 'conf t' -c 'interface lo' -c ' ip address 10.255.0.3/32' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net0' -c ' ip address 10.0.1.6/30' -c ' ip ospf area 0.0.0.0' -c 'exit' -c 'interface net1' -c ' ip address 192.168.1.1/24' -c 'exit' -c 'interface net2' -c ' ip address 192.168.1.1/24' -c 'exit' -c 'router ospf' -c ' ospf router-id 10.255.0.3' -c ' router-info area 0.0.0.0' -c ' passive-interface lo' -c ' capability opaque' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.3' -c ' segment-routing on' -c ' segment-routing global-block 16000 19999' -c ' segment-routing node-msd 8' -c ' segment-routing prefix 10.255.0.3/32 index 1003' -c 'exit' -c 'router bgp 65001' -c ' neighbor 10.255.0.1 remote-as 65001' -c ' neighbor 10.255.0.1 update-source 10.255.0.3' -c ' address-family ipv4 vpn' -c ' neighbor 10.255.0.1 activate' -c ' exit-address-family' -c 'exit' -c 'router bgp 65001 vrf CUST-A' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65001:10' -c ' rt vpn both 65001:10' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' -c 'router bgp 65001 vrf CUST-B' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' label vpn export auto' -c ' rd vpn export 65001:20' -c ' rt vpn both 65001:20' -c ' export vpn' -c ' import vpn' -c ' exit-address-family' -c 'exit' - name: HostA1 cmds: - cmd: ip addr add 192.168.0.2/24 dev net0 - cmd: ip route add default via 192.168.0.1 - name: HostA2 cmds: - cmd: ip addr add 192.168.1.2/24 dev net0 - cmd: ip route add default via 192.168.1.1 - name: HostB1 cmds: - cmd: ip addr add 192.168.0.2/24 dev net0 - cmd: ip route add default via 192.168.0.1 - name: HostB2 cmds: - cmd: ip addr add 192.168.1.2/24 dev net0 - cmd: ip route add default via 192.168.1.1 test: - cmds: ## SR-MPLS Test - cmd: docker exec HostA1 ping -c2 192.168.1.2 ================================================ FILE: examples/basic_bgp/vpnv4_srv6/Makefile ================================================ help: @echo help build: make -C /home/vagrant/git/frr.slankdev sudo make -C /home/vagrant/git/frr.slankdev install install: docker exec R1 rm -rf /usr/lib/frr docker cp /usr/lib/frr R1:/usr/lib/frr docker cp /usr/bin/vtysh R1:/usr/bin/vtysh \ docker exec R2 rm -rf /usr/lib/frr docker cp /usr/lib/frr R2:/usr/lib/frr docker cp /usr/bin/vtysh R2:/usr/bin/vtysh config_srv6_only: docker cp frr.conf.srv6.R1 R1:/etc/frr/frr.conf docker cp frr.conf.srv6.R2 R2:/etc/frr/frr.conf stop: docker exec R1 /usr/lib/frr/frrinit.sh stop docker exec R2 /usr/lib/frr/frrinit.sh stop start: docker exec R1 /usr/lib/frr/frrinit.sh start docker exec R2 /usr/lib/frr/frrinit.sh start restart: docker exec R1 /usr/lib/frr/frrinit.sh restart docker exec R2 /usr/lib/frr/frrinit.sh restart capture: docker exec R1 pkill tcpdump | true docker exec R2 pkill tcpdump | true docker exec -d R1 tcpdump -ni net0 -w /tmp/r1.pcap docker exec -d R2 tcpdump -ni net0 -w /tmp/r2.pcap nocapture: docker exec R1 pkill tcpdump | true docker exec R2 pkill tcpdump | true docker cp R1:/tmp/r1.pcap /vagrant/r1.pcap docker cp R2:/tmp/r2.pcap /vagrant/r2.pcap rere: make -C . build make -C . install make -C . reload taillog_R1: while :; do \ docker exec -it R1 touch /tmp/frr.log; \ docker exec -it R1 chown frr.frr /tmp/frr.log; \ docker exec -it R1 tail -f /tmp/frr.log -n0; \ sleep 1 ; done taillog_R2: while :; do \ docker exec -it R2 touch /tmp/frr.log; \ docker exec -it R2 chown frr.frr /tmp/frr.log; \ docker exec -it R2 tail -f /tmp/frr.log -n0; \ sleep 1 ; done tn_reconf: tn reconf | sudo sh make -C . install make -C . config_srv6_only sh_route_vrfs: @echo -e '\n[[R1-glb]]' @docker exec R1 ip route list @docker exec R1 ip -6 route list @echo -e '\n[[R1-vrf1]]' @docker exec R1 ip route list vrf vrf1 @echo -e '\n[[R1-vrf2]]' @docker exec R1 ip route list vrf vrf2 @echo -e '\n[[R1-vrf3]]' @docker exec R1 ip route list vrf vrf3 @echo -e '\n[[R2-glb]]' @docker exec R2 ip route list @docker exec R2 ip -6 route list @echo -e '\n[[R2-vrf1]]' @docker exec R2 ip route list vrf vrf1 @echo -e '\n[[R2-vrf2]]' @docker exec R2 ip route list vrf vrf2 @echo -e '\n[[R2-vrf3]]' @docker exec R2 ip route list vrf vrf3 @echo ================================================ FILE: examples/basic_bgp/vpnv4_srv6/README.md ================================================ # FRR meets BGP-SRv6-VPNv4 MP-BGP VPNv4 per-VRF w/ SRv6..? ![](./topo.png) ``` $ make sh_route_vrfs [[R1-glb]] 169.254.99.10 dev vrf1 scope link 169.254.99.20 dev vrf2 scope link 169.254.99.30 dev vrf3 scope link 1:1:: encap seg6local action End.DX4 nh4 169.254.99.10 dev net0 metric 1024 pref medium 1:2:: encap seg6local action End.DX4 nh4 169.254.99.20 dev net0 metric 1024 pref medium 1:3:: encap seg6local action End.DX4 nh4 169.254.99.30 dev net0 metric 1024 pref medium 2:1:: via 2001::2 dev net0 metric 1024 pref medium 2:2:: via 2001::2 dev net0 metric 1024 pref medium 2:3:: via 2001::2 dev net0 metric 1024 pref medium 2001::/64 dev net0 proto kernel metric 256 pref medium fe80::/64 dev net0 proto kernel metric 256 pref medium [[R1-vrf1]] 30.1.0.0/24 dev net1 proto kernel scope link src 30.1.0.1 30.2.0.0/24 encap seg6 mode encap segs 1 [ 2:1:: ] dev net0 scope link [[R1-vrf2]] 30.3.0.0/24 dev net2 proto kernel scope link src 30.3.0.1 30.4.0.0/24 encap seg6 mode encap segs 1 [ 2:2:: ] dev net0 scope link [[R1-vrf3]] 30.5.0.0/24 dev net3 proto kernel scope link src 30.5.0.1 30.6.0.0/24 encap seg6 mode encap segs 1 [ 2:3:: ] dev net0 scope link [[R2-glb]] 169.254.99.10 dev vrf1 scope link 169.254.99.20 dev vrf2 scope link 169.254.99.30 dev vrf3 scope link 1:1:: via 2001::1 dev net0 metric 1024 pref medium 1:2:: via 2001::1 dev net0 metric 1024 pref medium 1:3:: via 2001::1 dev net0 metric 1024 pref medium 2:1:: encap seg6local action End.DX4 nh4 169.254.99.10 dev net0 metric 1024 pref medium 2:2:: encap seg6local action End.DX4 nh4 169.254.99.20 dev net0 metric 1024 pref medium 2:3:: encap seg6local action End.DX4 nh4 169.254.99.30 dev net0 metric 1024 pref medium 2001::/64 dev net0 proto kernel metric 256 pref medium fe80::/64 dev net0 proto kernel metric 256 pref medium [[R2-vrf1]] 30.1.0.0/24 encap seg6 mode encap segs 1 [ 1:1:: ] dev net0 scope link 30.2.0.0/24 dev net1 proto kernel scope link src 30.2.0.1 [[R2-vrf2]] 30.3.0.0/24 encap seg6 mode encap segs 1 [ 1:2:: ] dev net0 scope link 30.4.0.0/24 dev net2 proto kernel scope link src 30.4.0.1 [[R2-vrf3]] 30.5.0.0/24 encap seg6 mode encap segs 1 [ 1:3:: ] dev net0 scope link 30.6.0.0/24 dev net3 proto kernel scope link src 30.6.0.1 ``` ================================================ FILE: examples/basic_bgp/vpnv4_srv6/frr.conf.srv6.R1 ================================================ hostname R1 log file /tmp/frr.log ! debug bgp vpn label debug bgp vpn leak-from-vrf debug bgp vpn leak-to-vrf debug bgp vpn rmap-event debug bgp vpn adv-prefix-sid ! int net0 ipv6 address 2001::1/64 ! int net1 vrf vrf1 ip address 30.1.0.1/24 ! int net2 vrf vrf2 ip address 30.3.0.1/24 ! int net3 vrf vrf3 ip address 30.5.0.1/24 ! router bgp 65001 bgp router-id 10.255.0.1 neighbor 2001::2 remote-as 65002 ! address-family ipv4 unicast redistribute connected redistribute static exit-address-family ! address-family ipv4 srv6-vpn neighbor 2001::2 activate exit-address-family ! router bgp 65001 vrf vrf1 bgp router-id 10.255.0.1 ! address-family ipv4 unicast redistribute connected sid srv6-vpn export 1:1:: rd srv6-vpn export 65001:1 rt srv6-vpn both 100:1 export srv6-vpn import srv6-vpn exit-address-family ! router bgp 65001 vrf vrf2 bgp router-id 10.255.0.1 ! address-family ipv4 unicast redistribute connected sid srv6-vpn export 1:2:: rd srv6-vpn export 65001:2 rt srv6-vpn both 100:2 export srv6-vpn import srv6-vpn exit-address-family ! router bgp 65001 vrf vrf3 bgp router-id 10.255.0.1 ! address-family ipv4 unicast redistribute connected sid srv6-vpn export 1:3:: rd srv6-vpn export 65001:3 rt srv6-vpn both 100:3 export srv6-vpn import srv6-vpn exit-address-family ! line vty ! ================================================ FILE: examples/basic_bgp/vpnv4_srv6/frr.conf.srv6.R2 ================================================ hostname R2 log file /tmp/frr.log ! debug bgp vpn label debug bgp vpn leak-from-vrf debug bgp vpn leak-to-vrf debug bgp vpn rmap-event debug bgp vpn adv-prefix-sid ! int net0 ipv6 address 2001::2/64 ! int net1 vrf vrf1 ip address 30.2.0.1/24 ! int net2 vrf vrf2 ip address 30.4.0.1/24 ! int net3 vrf vrf3 ip address 30.6.0.1/24 ! router bgp 65002 bgp router-id 10.255.0.2 neighbor 2001::1 remote-as 65001 ! address-family ipv4 unicast redistribute connected redistribute static exit-address-family ! address-family ipv4 srv6-vpn neighbor 2001::1 activate exit-address-family ! router bgp 65002 vrf vrf1 bgp router-id 10.255.0.2 ! address-family ipv4 unicast redistribute connected sid srv6-vpn export 2:1:: rd srv6-vpn export 65002:1 rt srv6-vpn both 100:1 export srv6-vpn import srv6-vpn exit-address-family ! router bgp 65002 vrf vrf2 bgp router-id 10.255.0.2 ! address-family ipv4 unicast redistribute connected sid srv6-vpn export 2:2:: rd srv6-vpn export 65002:2 rt srv6-vpn both 100:2 export srv6-vpn import srv6-vpn exit-address-family ! router bgp 65002 vrf vrf3 bgp router-id 10.255.0.2 ! address-family ipv4 unicast redistribute connected sid srv6-vpn export 2:3:: rd srv6-vpn export 65002:3 rt srv6-vpn both 100:3 export srv6-vpn import srv6-vpn exit-address-family ! line vty ! ================================================ FILE: examples/basic_bgp/vpnv4_srv6/spec.yaml ================================================ nodes: - name: R1 image: slankdev/frr-7.3:slankdev-support-mpbgp-vpnv4-srv6-cplane interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: C1#net0 } - { name: net2, type: direct, args: C3#net0 } - { name: net3, type: direct, args: C5#net0 } - name: R2 image: slankdev/frr-7.3:slankdev-support-mpbgp-vpnv4-srv6-cplane interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: C2#net0 } - { name: net2, type: direct, args: C4#net0 } - { name: net3, type: direct, args: C6#net0 } - name: C1 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R1#net1 } ] - name: C2 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R2#net1 } ] - name: C3 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R1#net2 } ] - name: C4 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R2#net2 } ] - name: C5 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R1#net3 } ] - name: C6 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: R2#net3 } ] node_configs: - name: R1 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: touch /etc/frr/frr.conf - cmd: ip link add vrf1 type vrf table 10 - cmd: ip link set vrf1 up - cmd: ip link set net1 vrf vrf1 - cmd: ip route add 169.254.99.10 dev vrf1 - cmd: ip link add vrf2 type vrf table 20 - cmd: ip link set vrf2 up - cmd: ip link set net2 vrf vrf2 - cmd: ip route add 169.254.99.20 dev vrf2 - cmd: ip link add vrf3 type vrf table 30 - cmd: ip link set vrf3 up - cmd: ip link set net3 vrf vrf3 - cmd: ip route add 169.254.99.30 dev vrf3 - name: R2 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: touch /etc/frr/frr.conf - cmd: ip link add vrf1 type vrf table 10 - cmd: ip link set vrf1 up - cmd: ip link set net1 vrf vrf1 - cmd: ip route add 169.254.99.10 dev vrf1 - cmd: ip link add vrf2 type vrf table 20 - cmd: ip link set vrf2 up - cmd: ip link set net2 vrf vrf2 - cmd: ip route add 169.254.99.20 dev vrf2 - cmd: ip link add vrf3 type vrf table 30 - cmd: ip link set vrf3 up - cmd: ip link set net3 vrf vrf3 - cmd: ip route add 169.254.99.30 dev vrf3 - name: C1 cmds: - cmd: ip addr replace 30.1.0.2/24 dev net0 - cmd: ip route replace default via 30.1.0.1 - name: C2 cmds: - cmd: ip addr replace 30.2.0.2/24 dev net0 - cmd: ip route replace default via 30.2.0.1 - name: C3 cmds: - cmd: ip addr replace 30.3.0.2/24 dev net0 - cmd: ip route replace default via 30.3.0.1 - name: C4 cmds: - cmd: ip addr replace 30.4.0.2/24 dev net0 - cmd: ip route replace default via 30.4.0.1 - name: C5 cmds: - cmd: ip addr replace 30.5.0.2/24 dev net0 - cmd: ip route replace default via 30.5.0.1 - name: C6 cmds: - cmd: ip addr replace 30.6.0.2/24 dev net0 - cmd: ip route replace default via 30.6.0.1 ================================================ FILE: examples/basic_bgp/vpnv6_srv6_rs/spec.yaml ================================================ nodes: - name: RS1 image: tinynetwork/frr:develop interfaces: - { name: net0, type: direct, args: S1#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: S1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: RS1#net0 } - { name: net1, type: direct, args: R1#net0 } - { name: net2, type: direct, args: R2#net0 } - { name: net3, type: direct, args: R3#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: R1 image: tinynetwork/frr:develop interfaces: - { name: net0, type: direct, args: S1#net1 } - { name: net1, type: direct, args: C1#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: R2 image: tinynetwork/frr:develop interfaces: - { name: net0, type: direct, args: S1#net2 } - { name: net1, type: direct, args: C2#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: R3 image: tinynetwork/frr:develop interfaces: - { name: net0, type: direct, args: S1#net3 } - { name: net1, type: direct, args: C3#net0 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: C1 image: tinynetwork/frr:develop interfaces: - { name: net0, type: direct, args: R1#net1 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: C2 image: tinynetwork/frr:develop interfaces: - { name: net0, type: direct, args: R2#net1 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 - name: C3 image: tinynetwork/frr:develop interfaces: - { name: net0, type: direct, args: R3#net1 } sysctls: - sysctl: net.ipv6.conf.all.disable_ipv6=0 - sysctl: net.ipv6.conf.default.disable_ipv6=0 - sysctl: net.ipv6.conf.all.forwarding=1 node_configs: - name: RS1 cmds: - cmd: ip addr add 10.255.0.1/32 dev lo - cmd: ip addr add 2001:db8:e:1::0/128 dev lo - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 1" -c " bgp router-id 1.1.1.1" -c " no bgp ebgp-requires-policy" -c " !" -c " neighbor PEER peer-group" -c " neighbor PEER remote-as external" -c " neighbor net0 interface peer-group PEER" -c " !" -c " neighbor PE peer-group" -c " neighbor PE remote-as external" -c " neighbor PE ebgp-multihop 255" -c " bgp listen range 2001:db8:e::/48 peer-group PE" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " neighbor PEER activate" -c " exit-address-family" -c " !" -c " address-family ipv6 unicast" -c " neighbor PEER activate" -c " redistribute connected" -c " exit-address-family" -c " !" -c " address-family ipv6 vpn" -c " neighbor PE activate" -c " exit-address-family" -c "!" - name: S1 cmds: - cmd: ip addr add 10.255.0.100/32 dev lo - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "router bgp 100" -c " bgp router-id 100.100.100.100" -c " !" -c " neighbor PEER peer-group" -c " neighbor PEER remote-as external" -c " neighbor net0 interface peer-group PEER" -c " neighbor net1 interface peer-group PEER" -c " neighbor net2 interface peer-group PEER" -c " neighbor net3 interface peer-group PEER" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " neighbor PEER activate" -c " exit-address-family" -c " !" -c " address-family ipv6 unicast" -c " neighbor PEER activate" -c " network 0::/0" -c " exit-address-family" -c "!" - name: R1 cmds: - cmd: ip addr add 10.255.0.11/32 dev lo - cmd: ip addr add 2001:db8:e:11::0/128 dev lo - cmd: ip link add vrf1 type vrf table 1001 - cmd: ip link set vrf1 up - cmd: ip link set net1 master vrf1 - cmd: ip -6 addr add 2001:11::1/64 dev net1 - cmd: ip sr tunsrc set 2001:db8:f:1::0 - cmd: ip -6 rule add to 2001:db8::/32 pref 1 table main - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "segment-routing" -c " srv6" -c " locators" -c " locator default" -c " prefix 2001:db8:f:1::/64" -c " !" -c " !" -c " !" -c "!" -c "ipv6 route 2001:db8:f:1::/64 Null0" -c "!" -c "router bgp 11" -c " bgp router-id 11.11.11.11" -c " no bgp ebgp-requires-policy" -c " !" -c " neighbor PEER peer-group" -c " neighbor PEER remote-as external" -c " neighbor net0 interface peer-group PEER" -c " !" -c " neighbor PE peer-group" -c " neighbor PE remote-as external" -c " neighbor PE ebgp-multihop 255" -c " neighbor 2001:db8:e:1:: peer-group PE" -c " !" -c " segment-routing srv6" -c " locator default" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " neighbor PEER activate" -c " exit-address-family" -c " !" -c " address-family ipv6 unicast" -c " redistribute connected" -c " network 2001:db8:f:1::/64" -c " neighbor PEER activate" -c " exit-address-family" -c " !" -c " address-family ipv6 vpn" -c " neighbor PE activate" -c " exit-address-family" -c "!" -c "router bgp 11 vrf vrf1" -c " bgp router-id 11.11.11.11" -c " no bgp ebgp-requires-policy" -c " neighbor 2001:11::2 remote-as external" -c " !" -c " address-family ipv6 unicast" -c " neighbor 2001:11::2 activate" -c " sid vpn export auto" -c " rd vpn export 11:1001" -c " rt vpn export 1:1001" -c " rt vpn import 1:1001" -c " import vpn" -c " export vpn" -c " redistribute connected" -c " exit-address-family" -c "!" - name: R2 cmds: - cmd: ip addr add 10.255.0.12/32 dev lo - cmd: ip addr add 2001:db8:e:12::0/128 dev lo - cmd: ip link add vrf1 type vrf table 1001 - cmd: ip link set vrf1 up - cmd: ip link set net1 master vrf1 - cmd: ip -6 addr add 2001:12::1/64 dev net1 - cmd: ip sr tunsrc set 2001:db8:f:2::0 - cmd: ip -6 rule add to 2001:db8::/32 pref 1 table main - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "segment-routing" -c " srv6" -c " locators" -c " locator default" -c " prefix 2001:db8:f:2::/64" -c " !" -c " !" -c " !" -c "!" -c "ipv6 route 2001:db8:f:2::/64 Null0" -c "!" -c "router bgp 12" -c " bgp router-id 12.12.12.12" -c " no bgp ebgp-requires-policy" -c " !" -c " neighbor PEER peer-group" -c " neighbor PEER remote-as external" -c " neighbor net0 interface peer-group PEER" -c " !" -c " neighbor PE peer-group" -c " neighbor PE remote-as external" -c " neighbor PE ebgp-multihop 255" -c " neighbor 2001:db8:e:1:: peer-group PE" -c " !" -c " segment-routing srv6" -c " locator default" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " neighbor PEER activate" -c " exit-address-family" -c " !" -c " address-family ipv6 unicast" -c " redistribute connected" -c " network 2001:db8:f:2::/64" -c " neighbor PEER activate" -c " exit-address-family" -c " !" -c " address-family ipv6 vpn" -c " neighbor PE activate" -c " exit-address-family" -c "!" -c "router bgp 12 vrf vrf1" -c " bgp router-id 12.12.12.12" -c " no bgp ebgp-requires-policy" -c " neighbor 2001:12::2 remote-as external" -c " !" -c " address-family ipv6 unicast" -c " neighbor 2001:12::2 activate" -c " sid vpn export auto" -c " rd vpn export 12:1001" -c " rt vpn export 1:1001" -c " rt vpn import 1:1001" -c " import vpn" -c " export vpn" -c " redistribute connected" -c " exit-address-family" -c "!" - name: R3 cmds: - cmd: ip addr add 10.255.0.13/32 dev lo - cmd: ip addr add 2001:db8:e:13::0/128 dev lo - cmd: ip link add vrf1 type vrf table 1001 - cmd: ip link set vrf1 up - cmd: ip link set net1 master vrf1 - cmd: ip -6 addr add 2001:13::1/64 dev net1 - cmd: ip sr tunsrc set 2001:db8:f:3::0 - cmd: ip -6 rule add to 2001:db8::/32 pref 1 table main - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "segment-routing" -c " srv6" -c " locators" -c " locator default" -c " prefix 2001:db8:f:3::/64" -c " !" -c " !" -c " !" -c "!" -c "ipv6 route 2001:db8:f:3::/64 Null0" -c "!" -c "router bgp 13" -c " bgp router-id 13.13.13.13" -c " no bgp ebgp-requires-policy" -c " !" -c " neighbor PEER peer-group" -c " neighbor PEER remote-as external" -c " neighbor net0 interface peer-group PEER" -c " !" -c " neighbor PE peer-group" -c " neighbor PE remote-as external" -c " neighbor PE ebgp-multihop 255" -c " neighbor 2001:db8:e:1:: peer-group PE" -c " !" -c " segment-routing srv6" -c " locator default" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " neighbor PEER activate" -c " exit-address-family" -c " !" -c " address-family ipv6 unicast" -c " redistribute connected" -c " network 2001:db8:f:3::/64" -c " neighbor PEER activate" -c " exit-address-family" -c " !" -c " address-family ipv6 vpn" -c " neighbor PE activate" -c " exit-address-family" -c "!" -c "router bgp 13 vrf vrf1" -c " bgp router-id 13.13.13.13" -c " no bgp ebgp-requires-policy" -c " !" -c " address-family ipv6 unicast" -c " sid vpn export auto" -c " rd vpn export 13:1001" -c " rt vpn export 1:1001" -c " rt vpn import 1:1001" -c " import vpn" -c " export vpn" -c " redistribute connected" -c " exit-address-family" -c "!" - name: C1 cmds: - cmd: ip -6 addr add 2001:11::2/64 dev net0 - cmd: ip -6 route replace default via 2001:11::1 - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "ipv6 route 0::/0 Null0" -c "!" -c "router bgp 101" -c " bgp router-id 101.101.101.101" -c " no bgp ebgp-requires-policy" -c " neighbor 2001:11::1 remote-as external" -c " !" -c " address-family ipv6 unicast" -c " neighbor 2001:11::1 activate" -c " network 0::/0" -c " exit-address-family" - name: C2 cmds: - cmd: ip -6 addr add 2001:12::2/64 dev net0 - cmd: ip -6 route replace default via 2001:12::1 - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "ipv6 route 0::/0 Null0" -c "!" -c "router bgp 102" -c " bgp router-id 102.102.102.102" -c " no bgp ebgp-requires-policy" -c " neighbor 2001:12::1 remote-as external" -c " !" -c " address-family ipv6 unicast" -c " neighbor 2001:12::1 activate" -c " network 0::/0" -c " exit-address-family" - name: C3 cmds: - cmd: ip -6 addr add 2001:13::2/64 dev net0 - cmd: ip -6 route replace default via 2001:13::1 - cmd: /usr/lib/frr/frrinit.sh start ================================================ FILE: examples/basic_bgp/vrf2vrf_rouet_leak/Makefile ================================================ sh: docker exec R1 ip route list @echo docker exec R1 ip route list vrf red @echo docker exec R1 ip route list vrf blu @echo docker exec R1 ip route list vrf grn ================================================ FILE: examples/basic_bgp/vrf2vrf_rouet_leak/spec.yaml ================================================ nodes: - name: R1 image: slankdev/frr-dev:latest interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/frr-dev:latest interfaces: - { name: net0, type: direct, args: R1#net0 } node_configs: - name: R1 cmds: - cmd: ip link add red type vrf table 10 - cmd: ip link add blu type vrf table 20 - cmd: ip link add grn type vrf table 30 - cmd: ip link set red up - cmd: ip link set blu up - cmd: ip link set grn up - cmd: ip link set net0 vrf red - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'int net0' -c 'ip addr 10.0.0.1/24' -c 'exit' -c 'router bgp 1 vrf red' -c ' bgp router-id 1.1.1.1' -c ' address-family ipv4 unicast' -c ' redistribute connected' -c ' exit-address-family' -c 'router bgp 2 vrf blu' -c ' bgp router-id 2.2.2.2' -c ' address-family ipv4 unicast' -c ' import vrf red' -c ' exit-address-family' -c 'router bgp 3 vrf grn' -c ' bgp router-id 3.3.3.3' -c ' address-family ipv4 unicast' -c ' import vrf blu' -c ' exit-address-family' ================================================ FILE: examples/basic_bond/spec.yaml ================================================ precmd: - cmds: - cmd: export IMAGE=slankdev/frr - cmd: export IMAGE=slankdev/gobgp - cmd: export IMAGE=slankdev/ubuntu:18.04 nodes: - name: R1 image: $IMAGE interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R2#net1 } - name: R2 image: $IMAGE interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R1#net1 } node_configs: - name: R1 cmds: - cmd: ip link add bond0 type bond miimon 100 mode active-backup - cmd: ip link set bond0 up - cmd: ip link set net0 down - cmd: ip link set net1 down - cmd: ip link set net0 master bond0 - cmd: ip link set net1 master bond0 - cmd: ip addr add 10.0.0.1/24 dev bond0 - name: R2 cmds: - cmd: ip link add bond0 type bond miimon 100 mode active-backup - cmd: ip link set bond0 up - cmd: ip link set net0 down - cmd: ip link set net1 down - cmd: ip link set net0 master bond0 - cmd: ip link set net1 master bond0 - cmd: ip addr add 10.0.0.2/24 dev bond0 test: - name: p2p cmds: - cmd: echo slankdev slankdev - cmd: echo slankdev slankdev ================================================ FILE: examples/basic_bufferbloat/README.md ================================================ # Bufferbloat demonstration Simple demonstration of the [bufferbloat](https://www.bufferbloat.net/projects/) problem. ![](./topo.png) ================================================ FILE: examples/basic_bufferbloat/spec.yaml ================================================ nodes: - name: R1 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: C1#net0 } - { name: net2, type: direct, args: C2#net0 } - name: R2 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: C3#net0 } - { name: net2, type: direct, args: C4#net0 } - name: C1 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R1#net1 } - name: C2 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R1#net2 } - name: C3 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R2#net1 } - name: C4 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R2#net2 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net1 - cmd: ip addr add 10.0.1.1/24 dev net2 - cmd: ip addr add 10.0.2.1/24 dev net0 - cmd: ip route add default via 10.0.2.2 - cmd: tc qdisc add dev net0 root netem rate 500mbit - name: R2 cmds: - cmd: ip addr add 10.0.2.2/24 dev net0 - cmd: ip addr add 10.0.3.1/24 dev net1 - cmd: ip addr add 10.0.4.1/24 dev net2 - cmd: ip route add default via 10.0.2.1 - cmd: tc qdisc add dev net0 root netem rate 500mbit - name: C1 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: C2 cmds: - cmd: ip addr add 10.0.1.2/24 dev net0 - cmd: ip route add default via 10.0.1.1 - name: C3 cmds: - cmd: ip addr add 10.0.3.2/24 dev net0 - cmd: ip route add default via 10.0.3.1 - name: C4 cmds: - cmd: ip addr add 10.0.4.2/24 dev net0 - cmd: ip route add default via 10.0.4.1 test: - cmds: - cmd: echo "==========================================" - cmd: echo "iperf from C1 to C3" - cmd: echo "==========================================" - cmd: docker exec C3 iperf -s -i 1 & - cmd: sleep 3 - cmd: docker exec C1 iperf -c 10.0.3.2 2>&1 > /dev/null - cmd: docker exec C3 pkill iperf - cmd: echo "==========================================" - cmd: echo "ping from C2 to C4" - cmd: echo "==========================================" - cmd: docker exec C2 ping -c 10 10.0.4.2 - cmd: echo "==========================================" - cmd: echo "ping from C2 to C4 while iperf-ing from C1 to C3" - cmd: echo "==========================================" - cmd: docker exec C3 iperf -s 2>&1 > /dev/null & - cmd: sleep 3 - cmd: docker exec C1 iperf -c 10.0.3.2 -t 60 2>&1 > /dev/null & - cmd: sleep 3 - cmd: docker exec C2 ping -c 10 10.0.4.2 - cmd: docker exec C1 pkill iperf - cmd: sleep 3 - cmd: docker exec C3 pkill iperf ================================================ FILE: examples/basic_clos/README.md ================================================ # CLOS Topology Practice of designing DCN. Following are principle of Design. - using modernaized technology (such as BGP-unnumbered.) Version - 0.0.0: basic CLOS-network ([yaml](./spec.v0.0.0.yaml)) - 0.0.1: using BGP-unnumbered ([yaml](./spec.v0.0.1.yaml)) - 0.0.2: using ECMP anycast ([yaml](./spec.v0.0.2.yaml)) - 0.0.3: add VM and ToR nodes ([yaml](./spec.v0.0.3.yaml)) - 0.0.4: support multi-tenancy ([yaml](./spec.v0.0.4.yaml)) (**currentry version**) - 0.0.5: support SRv6 network slicing ([yaml](./spec.v0.0.5.yaml)) **version v0.0.3** ![](./topo.v0.0.3.png) **version v0.0.2** ![](./topo.v0.0.2.png) **version v0.0.1** ![](./topo.v0.0.1.png) **version v0.0.0** ![](./topo.v0.0.0.png) references - LINE-SRv6-DCN ENOG55 http://enog.jp/wp-content/uploads/2018/12/05_20190222_ENOG55_LINE.pdf - Large Scale DC Network Design https://www.slideshare.net/MasayukiKobayashi/dc-66865243 - Good TiNET examples by MIYA-kun https://github.com/mi2428/netben - LINE DCN Overview by Kobayashi-san 2018.10 https://www.slideshare.net/linecorp/ss-116867631 - About designing the LINE-NW from scrach by Kobayashi-san 2019.01 https://www.janog.gr.jp/meeting/janog43/application/files/7915/4823/1858/janog43-line-kobayashi.pdf - OpenStack Summit Vancouver 2018 Recap LINE-verda https://engineering.linecorp.com/ja/blog/openstack-summit-vancouver-2018-recap-2-2 operation performance ``` v0.0.3 sh -c 'tn up | sudo sh' real 0m29.151s user 0m6.945s sys 0m4.472s v0.0.3 sh -c 'tn conf | sudo sh' frr-all real 1m25.104s user 0m6.110s sys 0m4.263s v0.0.3 sh -c 'tn conf | sudo sh' frr-zebra,bgpd real 1m13.867s user 0m6.239s sys 0m4.143s ``` ================================================ FILE: examples/basic_clos/spec.v0.0.0.yaml ================================================ nodes: - name: Ext1 image: slankdev/frr interfaces: # - { name: net0, type: direct, args: Internet#net0 } - { name: net1, type: direct, args: Spine1#up1 } - { name: net2, type: direct, args: Spine2#up1 } - name: Spine1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#net1 } - { name: dn1, type: direct, args: Leaf1#up1 } - { name: dn2, type: direct, args: Leaf2#up1 } - { name: dn3, type: direct, args: Leaf3#up1 } - { name: dn4, type: direct, args: Leaf4#up1 } - name: Spine2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#net2 } - { name: dn1, type: direct, args: Leaf1#up2 } - { name: dn2, type: direct, args: Leaf2#up2 } - { name: dn3, type: direct, args: Leaf3#up2 } - { name: dn4, type: direct, args: Leaf4#up2 } - name: Leaf1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn1 } - { name: up2, type: direct, args: Spine2#dn1 } - { name: dn1, type: direct, args: Serv1#net0 } - { name: dn2, type: direct, args: Serv2#net0 } - name: Leaf2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn2 } - { name: up2, type: direct, args: Spine2#dn2 } - { name: dn1, type: direct, args: Serv3#net0 } - { name: dn2, type: direct, args: Serv4#net0 } - name: Leaf3 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn3 } - { name: up2, type: direct, args: Spine2#dn3 } - { name: dn1, type: direct, args: Serv5#net0 } - { name: dn2, type: direct, args: Serv6#net0 } - name: Leaf4 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn4 } - { name: up2, type: direct, args: Spine2#dn4 } - { name: dn1, type: direct, args: Serv7#net0 } - { name: dn2, type: direct, args: Serv8#net0 } - name: Serv1 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf1#dn1 } ] - name: Serv2 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf1#dn2 } ] - name: Serv3 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf2#dn1 } ] - name: Serv4 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf2#dn2 } ] - name: Serv5 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf3#dn1 } ] - name: Serv6 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf3#dn2 } ] - name: Serv7 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf4#dn1 } ] - name: Serv8 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf4#dn2 } ] node_configs: - name: Ext1 cmds: - cmd: echo slankdev slankdev - name: Spine1 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.1/32" -c "int dn1" -c "ip addr 10.0.0.1/30" -c "int dn2" -c "ip addr 10.0.0.5/30" -c "int dn3" -c "ip addr 10.0.0.9/30" -c "int dn4" -c "ip addr 10.0.0.13/30" -c "router bgp 65001" -c " bgp router-id 10.255.0.1" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 10.0.0.2 remote-as 65011" -c " neighbor 10.0.0.6 remote-as 65012" -c " neighbor 10.0.0.10 remote-as 65013" -c " neighbor 10.0.0.14 remote-as 65014" - name: Spine2 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.2/32" -c "int dn1" -c "ip addr 10.0.0.17/30" -c "int dn2" -c "ip addr 10.0.0.21/30" -c "int dn3" -c "ip addr 10.0.0.25/30" -c "int dn4" -c "ip addr 10.0.0.29/30" -c "router bgp 65002" -c " bgp router-id 10.255.0.2" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 10.0.0.18 remote-as 65011" -c " neighbor 10.0.0.22 remote-as 65012" -c " neighbor 10.0.0.26 remote-as 65013" -c " neighbor 10.0.0.30 remote-as 65014" - name: Leaf1 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.11/32" -c "int up1" -c "ip addr 10.0.0.2/30" -c "int up2" -c "ip addr 10.0.0.18/30" -c "int dn1" -c "ip addr 20.0.0.1/30" -c "int dn2" -c "ip addr 20.0.0.5/30" -c "router bgp 65011" -c " bgp router-id 10.255.0.11" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 10.0.0.1 remote-as 65001" -c " neighbor 10.0.0.17 remote-as 65002" -c " neighbor 20.0.0.2 remote-as 65021" -c " neighbor 20.0.0.6 remote-as 65022" - name: Leaf2 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.12/32" -c "int up1" -c "ip addr 10.0.0.6/30" -c "int up2" -c "ip addr 10.0.0.22/30" -c "int dn1" -c "ip addr 20.0.0.9/30" -c "int dn2" -c "ip addr 20.0.0.13/30" -c "router bgp 65012" -c " bgp router-id 10.255.0.12" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 10.0.0.5 remote-as 65001" -c " neighbor 10.0.0.21 remote-as 65002" -c " neighbor 20.0.0.10 remote-as 65023" -c " neighbor 20.0.0.14 remote-as 65024" - name: Leaf3 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.13/32" -c "int up1" -c "ip addr 10.0.0.10/30" -c "int up2" -c "ip addr 10.0.0.26/30" -c "int dn1" -c "ip addr 20.0.0.17/30" -c "int dn2" -c "ip addr 20.0.0.21/30" -c "router bgp 65013" -c " bgp router-id 10.255.0.13" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 10.0.0.9 remote-as 65001" -c " neighbor 10.0.0.25 remote-as 65002" -c " neighbor 20.0.0.18 remote-as 65025" -c " neighbor 20.0.0.22 remote-as 65026" - name: Leaf4 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.14/32" -c "int up1" -c "ip addr 10.0.0.14/30" -c "int up2" -c "ip addr 10.0.0.30/30" -c "int dn1" -c "ip addr 20.0.0.25/30" -c "int dn2" -c "ip addr 20.0.0.29/30" -c "router bgp 65014" -c " bgp router-id 10.255.0.14" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 10.0.0.13 remote-as 65001" -c " neighbor 10.0.0.29 remote-as 65002" -c " neighbor 20.0.0.26 remote-as 65027" -c " neighbor 20.0.0.30 remote-as 65028" - name: Serv1 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.21/32" -c "int net0" -c "ip addr 20.0.0.2/30" -c "router bgp 65021" -c " bgp router-id 10.255.0.21" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 20.0.0.1 remote-as external" -c " network 20.0.0.2/30" - name: Serv2 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.22/32" -c "int net0" -c "ip addr 20.0.0.6/30" -c "router bgp 65022" -c " bgp router-id 10.255.0.22" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 20.0.0.5 remote-as external" -c " network 20.0.0.6/30" - name: Serv3 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.23/32" -c "int net0" -c "ip addr 20.0.0.10/30" -c "router bgp 65023" -c " bgp router-id 10.255.0.23" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 20.0.0.9 remote-as external" -c " network 20.0.0.10/30" - name: Serv4 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.24/32" -c "int net0" -c "ip addr 20.0.0.14/30" -c "router bgp 65024" -c " bgp router-id 10.255.0.24" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 20.0.0.13 remote-as external" -c " network 20.0.0.14/30" - name: Serv5 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.25/32" -c "int net0" -c "ip addr 20.0.0.18/30" -c "router bgp 65025" -c " bgp router-id 10.255.0.25" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 20.0.0.17 remote-as external" -c " network 20.0.0.18/30" - name: Serv6 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.26/32" -c "int net0" -c "ip addr 20.0.0.22/30" -c "router bgp 65026" -c " bgp router-id 10.255.0.26" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 20.0.0.21 remote-as external" -c " network 20.0.0.22/30" - name: Serv7 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.27/32" -c "int net0" -c "ip addr 20.0.0.26/30" -c "router bgp 65027" -c " bgp router-id 10.255.0.27" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 20.0.0.25 remote-as external" -c " network 20.0.0.26/30" - name: Serv8 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.28/32" -c "int net0" -c "ip addr 20.0.0.30/30" -c "router bgp 65028" -c " bgp router-id 10.255.0.28" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor 20.0.0.29 remote-as external" -c " network 20.0.0.30/30" test: - name: p2p cmds: - cmd: docker exec Ext1 echo slank - cmd: echo slankdev slankdev ================================================ FILE: examples/basic_clos/spec.v0.0.1.yaml ================================================ nodes: - name: Ext1 image: slankdev/frr interfaces: # - { name: net0, type: direct, args: Internet#net0 } - { name: net1, type: direct, args: Spine1#up1 } - { name: net2, type: direct, args: Spine2#up1 } - name: Spine1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#net1 } - { name: dn1, type: direct, args: Leaf1#up1 } - { name: dn2, type: direct, args: Leaf2#up1 } - { name: dn3, type: direct, args: Leaf3#up1 } - { name: dn4, type: direct, args: Leaf4#up1 } - name: Spine2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#net2 } - { name: dn1, type: direct, args: Leaf1#up2 } - { name: dn2, type: direct, args: Leaf2#up2 } - { name: dn3, type: direct, args: Leaf3#up2 } - { name: dn4, type: direct, args: Leaf4#up2 } - name: Leaf1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn1 } - { name: up2, type: direct, args: Spine2#dn1 } - { name: dn1, type: direct, args: Serv1#net0 } - { name: dn2, type: direct, args: Serv2#net0 } - name: Leaf2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn2 } - { name: up2, type: direct, args: Spine2#dn2 } - { name: dn1, type: direct, args: Serv3#net0 } - { name: dn2, type: direct, args: Serv4#net0 } - name: Leaf3 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn3 } - { name: up2, type: direct, args: Spine2#dn3 } - { name: dn1, type: direct, args: Serv5#net0 } - { name: dn2, type: direct, args: Serv6#net0 } - name: Leaf4 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn4 } - { name: up2, type: direct, args: Spine2#dn4 } - { name: dn1, type: direct, args: Serv7#net0 } - { name: dn2, type: direct, args: Serv8#net0 } - name: Serv1 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf1#dn1 } ] - name: Serv2 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf1#dn2 } ] - name: Serv3 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf2#dn1 } ] - name: Serv4 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf2#dn2 } ] - name: Serv5 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf3#dn1 } ] - name: Serv6 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf3#dn2 } ] - name: Serv7 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf4#dn1 } ] - name: Serv8 image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf4#dn2 } ] node_configs: - name: Ext1 cmds: - cmd: echo slankdev slankdev - name: Spine1 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.1/32" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65001" -c " bgp router-id 10.255.0.1" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Spine2 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.2/32" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65002" -c " bgp router-id 10.255.0.2" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Leaf1 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.11/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65011" -c " bgp router-id 10.255.0.11" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Leaf2 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.12/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65012" -c " bgp router-id 10.255.0.12" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Leaf3 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.13/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65013" -c " bgp router-id 10.255.0.13" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Leaf4 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.14/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65014" -c " bgp router-id 10.255.0.14" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv1 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.21/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65021" -c " bgp router-id 10.255.0.21" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv2 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.22/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65022" -c " bgp router-id 10.255.0.22" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv3 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.23/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65023" -c " bgp router-id 10.255.0.23" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 3.3.3.3/32" -c " redistribute connected" -c " exit-address-family" - name: Serv4 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.24/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65024" -c " bgp router-id 10.255.0.24" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 4.4.4.4/32" -c " redistribute connected" -c " exit-address-family" - name: Serv5 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.25/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65025" -c " bgp router-id 10.255.0.25" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 5.5.5.5/32" -c " redistribute connected" -c " exit-address-family" - name: Serv6 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.26/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65026" -c " bgp router-id 10.255.0.26" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 6.6.6.6/32" -c " redistribute connected" -c " exit-address-family" - name: Serv7 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.27/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65027" -c " bgp router-id 10.255.0.27" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 7.7.7.7/32" -c " redistribute connected" -c " exit-address-family" - name: Serv8 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.28/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65028" -c " bgp router-id 10.255.0.28" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " network 8.8.8.8/32" -c " redistribute connected" -c " exit-address-family" test: - name: p2p cmds: - cmd: docker exec Ext1 echo slank - cmd: echo slankdev slankdev ================================================ FILE: examples/basic_clos/spec.v0.0.2.yaml ================================================ nodes: - name: Ext1 image: slankdev/frr interfaces: # - { name: net0, type: direct, args: Internet#net0 } - { name: dn1, type: direct, args: Spine1#up1 } - { name: dn2, type: direct, args: Spine2#up1 } - name: Spine1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#dn1 } - { name: dn1, type: direct, args: Leaf1#up1 } - { name: dn2, type: direct, args: Leaf2#up1 } - { name: dn3, type: direct, args: Leaf3#up1 } - { name: dn4, type: direct, args: Leaf4#up1 } - name: Spine2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#dn2 } - { name: dn1, type: direct, args: Leaf1#up2 } - { name: dn2, type: direct, args: Leaf2#up2 } - { name: dn3, type: direct, args: Leaf3#up2 } - { name: dn4, type: direct, args: Leaf4#up2 } - name: Leaf1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn1 } - { name: up2, type: direct, args: Spine2#dn1 } - { name: dn1, type: direct, args: Serv1a#net0 } - { name: dn2, type: direct, args: Serv2a#net0 } - name: Leaf2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn2 } - { name: up2, type: direct, args: Spine2#dn2 } - { name: dn1, type: direct, args: Serv3a#net0 } - { name: dn2, type: direct, args: Serv4a#net0 } - name: Leaf3 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn3 } - { name: up2, type: direct, args: Spine2#dn3 } - { name: dn1, type: direct, args: Serv1b#net0 } - { name: dn2, type: direct, args: Serv2b#net0 } - name: Leaf4 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn4 } - { name: up2, type: direct, args: Spine2#dn4 } - { name: dn1, type: direct, args: Serv3b#net0 } - { name: dn2, type: direct, args: Serv4b#net0 } - name: Serv1a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf1#dn1 } ] - name: Serv2a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf1#dn2 } ] - name: Serv3a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf2#dn1 } ] - name: Serv4a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf2#dn2 } ] - name: Serv1b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf3#dn1 } ] - name: Serv2b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf3#dn2 } ] - name: Serv3b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf4#dn1 } ] - name: Serv4b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Leaf4#dn2 } ] node_configs: - name: Ext1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.254/32" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65999" -c " bgp router-id 10.255.0.254" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Spine1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.1/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65001" -c " bgp router-id 10.255.0.1" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Spine2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.2/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65002" -c " bgp router-id 10.255.0.2" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Leaf1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.11/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65011" -c " bgp router-id 10.255.0.11" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Leaf2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.12/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65012" -c " bgp router-id 10.255.0.12" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Leaf3 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.13/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65013" -c " bgp router-id 10.255.0.13" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Leaf4 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.14/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65014" -c " bgp router-id 10.255.0.14" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv1a cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.21/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65021" -c " bgp router-id 10.255.0.21" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv2a cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.22/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65022" -c " bgp router-id 10.255.0.22" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv3a cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.23/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65023" -c " bgp router-id 10.255.0.23" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv4a cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.24/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65024" -c " bgp router-id 10.255.0.24" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv1b cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.21/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65021" -c " bgp router-id 10.255.0.21" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv2b cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.22/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65022" -c " bgp router-id 10.255.0.22" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv3b cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.23/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65023" -c " bgp router-id 10.255.0.23" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" - name: Serv4b cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.24/32" -c "int net0" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65024" -c " bgp router-id 10.255.0.24" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" test: - name: p2p cmds: - cmd: docker exec Ext1 echo slank - cmd: echo slankdev slankdev ================================================ FILE: examples/basic_clos/spec.v0.0.3.yaml ================================================ nodes: - name: Ext1 image: slankdev/frr interfaces: # - { name: net0, type: direct, args: Internet#net0 } - { name: dn1, type: direct, args: Spine1#up1 } - { name: dn2, type: direct, args: Spine2#up1 } - name: Spine1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#dn1 } - { name: dn1, type: direct, args: Leaf1#up1 } - { name: dn2, type: direct, args: Leaf2#up1 } - { name: dn3, type: direct, args: Leaf3#up1 } - { name: dn4, type: direct, args: Leaf4#up1 } - name: Spine2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#dn2 } - { name: dn1, type: direct, args: Leaf1#up2 } - { name: dn2, type: direct, args: Leaf2#up2 } - { name: dn3, type: direct, args: Leaf3#up2 } - { name: dn4, type: direct, args: Leaf4#up2 } - name: Leaf1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn1 } - { name: up2, type: direct, args: Spine2#dn1 } - { name: dn1, type: direct, args: Tor1#up1 } - { name: dn2, type: direct, args: Tor2#up1 } - { name: dn3, type: direct, args: Tor3#up1 } - { name: dn4, type: direct, args: Tor4#up1 } - { name: dn5, type: direct, args: Tor5#up1 } - { name: dn6, type: direct, args: Tor6#up1 } - { name: dn7, type: direct, args: Tor7#up1 } - { name: dn8, type: direct, args: Tor8#up1 } - name: Leaf2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn2 } - { name: up2, type: direct, args: Spine2#dn2 } - { name: dn1, type: direct, args: Tor1#up2 } - { name: dn2, type: direct, args: Tor2#up2 } - { name: dn3, type: direct, args: Tor3#up2 } - { name: dn4, type: direct, args: Tor4#up2 } - { name: dn5, type: direct, args: Tor5#up2 } - { name: dn6, type: direct, args: Tor6#up2 } - { name: dn7, type: direct, args: Tor7#up2 } - { name: dn8, type: direct, args: Tor8#up2 } - name: Leaf3 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn3 } - { name: up2, type: direct, args: Spine2#dn3 } - { name: dn1, type: direct, args: Tor1#up3 } - { name: dn2, type: direct, args: Tor2#up3 } - { name: dn3, type: direct, args: Tor3#up3 } - { name: dn4, type: direct, args: Tor4#up3 } - { name: dn5, type: direct, args: Tor5#up3 } - { name: dn6, type: direct, args: Tor6#up3 } - { name: dn7, type: direct, args: Tor7#up3 } - { name: dn8, type: direct, args: Tor8#up3 } - name: Leaf4 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn4 } - { name: up2, type: direct, args: Spine2#dn4 } - { name: dn1, type: direct, args: Tor1#up4 } - { name: dn2, type: direct, args: Tor2#up4 } - { name: dn3, type: direct, args: Tor3#up4 } - { name: dn4, type: direct, args: Tor4#up4 } - { name: dn5, type: direct, args: Tor5#up4 } - { name: dn6, type: direct, args: Tor6#up4 } - { name: dn7, type: direct, args: Tor7#up4 } - { name: dn8, type: direct, args: Tor8#up4 } - name: Tor1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn1 } - { name: up2, type: direct, args: Leaf2#dn1 } - { name: up3, type: direct, args: Leaf3#dn1 } - { name: up4, type: direct, args: Leaf4#dn1 } - { name: dn1, type: direct, args: Serv1#up1 } - { name: dn2, type: direct, args: Serv2#up1 } - { name: dn3, type: direct, args: Serv3#up1 } - { name: dn4, type: direct, args: Serv4#up1 } - name: Tor2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn2 } - { name: up2, type: direct, args: Leaf2#dn2 } - { name: up3, type: direct, args: Leaf3#dn2 } - { name: up4, type: direct, args: Leaf4#dn2 } - { name: dn1, type: direct, args: Serv1#up2 } - { name: dn2, type: direct, args: Serv2#up2 } - { name: dn3, type: direct, args: Serv3#up2 } - { name: dn4, type: direct, args: Serv4#up2 } - name: Tor3 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn3 } - { name: up2, type: direct, args: Leaf2#dn3 } - { name: up3, type: direct, args: Leaf3#dn3 } - { name: up4, type: direct, args: Leaf4#dn3 } - { name: dn1, type: direct, args: Serv5#up1 } - { name: dn2, type: direct, args: Serv6#up1 } - { name: dn3, type: direct, args: Serv7#up1 } - { name: dn4, type: direct, args: Serv8#up1 } - name: Tor4 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn4 } - { name: up2, type: direct, args: Leaf2#dn4 } - { name: up3, type: direct, args: Leaf3#dn4 } - { name: up4, type: direct, args: Leaf4#dn4 } - { name: dn1, type: direct, args: Serv5#up2 } - { name: dn2, type: direct, args: Serv6#up2 } - { name: dn3, type: direct, args: Serv7#up2 } - { name: dn4, type: direct, args: Serv8#up2 } - name: Tor5 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn5 } - { name: up2, type: direct, args: Leaf2#dn5 } - { name: up3, type: direct, args: Leaf3#dn5 } - { name: up4, type: direct, args: Leaf4#dn5 } - { name: dn1, type: direct, args: Serv9#up1 } - { name: dn2, type: direct, args: Serv10#up1 } - { name: dn3, type: direct, args: Serv11#up1 } - { name: dn4, type: direct, args: Serv12#up1 } - name: Tor6 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn6 } - { name: up2, type: direct, args: Leaf2#dn6 } - { name: up3, type: direct, args: Leaf3#dn6 } - { name: up4, type: direct, args: Leaf4#dn6 } - { name: dn1, type: direct, args: Serv9#up2 } - { name: dn2, type: direct, args: Serv10#up2 } - { name: dn3, type: direct, args: Serv11#up2 } - { name: dn4, type: direct, args: Serv12#up2 } - name: Tor7 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn7 } - { name: up2, type: direct, args: Leaf2#dn7 } - { name: up3, type: direct, args: Leaf3#dn7 } - { name: up4, type: direct, args: Leaf4#dn7 } - { name: dn1, type: direct, args: Serv13#up1 } - { name: dn2, type: direct, args: Serv14#up1 } - { name: dn3, type: direct, args: Serv15#up1 } - { name: dn4, type: direct, args: Serv16#up1 } - name: Tor8 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn8 } - { name: up2, type: direct, args: Leaf2#dn8 } - { name: up3, type: direct, args: Leaf3#dn8 } - { name: up4, type: direct, args: Leaf4#dn8 } - { name: dn1, type: direct, args: Serv13#up2 } - { name: dn2, type: direct, args: Serv14#up2 } - { name: dn3, type: direct, args: Serv15#up2 } - { name: dn4, type: direct, args: Serv16#up2 } - name: Serv1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor1#dn1 } - { name: up2, type: direct, args: Tor2#dn1 } - { name: dn1, type: direct, args: Vm1a#net0 } - { name: dn2, type: direct, args: Vm1b#net0 } - name: Serv2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor1#dn2 } - { name: up2, type: direct, args: Tor2#dn2 } - { name: dn1, type: direct, args: Vm2a#net0 } - { name: dn2, type: direct, args: Vm2b#net0 } - name: Serv3 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor1#dn3 } - { name: up2, type: direct, args: Tor2#dn3 } - { name: dn1, type: direct, args: Vm3a#net0 } - { name: dn2, type: direct, args: Vm3b#net0 } - name: Serv4 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor1#dn4 } - { name: up2, type: direct, args: Tor2#dn4 } - { name: dn1, type: direct, args: Vm4a#net0 } - { name: dn2, type: direct, args: Vm4b#net0 } - name: Serv5 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor3#dn1 } - { name: up2, type: direct, args: Tor4#dn1 } - { name: dn1, type: direct, args: Vm5a#net0 } - { name: dn2, type: direct, args: Vm5b#net0 } - name: Serv6 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor3#dn2 } - { name: up2, type: direct, args: Tor4#dn2 } - { name: dn1, type: direct, args: Vm6a#net0 } - { name: dn2, type: direct, args: Vm6b#net0 } - name: Serv7 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor3#dn3 } - { name: up2, type: direct, args: Tor4#dn3 } - { name: dn1, type: direct, args: Vm7a#net0 } - { name: dn2, type: direct, args: Vm7b#net0 } - name: Serv8 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor3#dn4 } - { name: up2, type: direct, args: Tor4#dn4 } - { name: dn1, type: direct, args: Vm8a#net0 } - { name: dn2, type: direct, args: Vm8b#net0 } - name: Serv9 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor5#dn1 } - { name: up2, type: direct, args: Tor6#dn1 } - { name: dn1, type: direct, args: Vm9a#net0 } - { name: dn2, type: direct, args: Vm9b#net0 } - name: Serv10 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor5#dn2 } - { name: up2, type: direct, args: Tor6#dn2 } - { name: dn1, type: direct, args: Vm10a#net0 } - { name: dn2, type: direct, args: Vm10b#net0 } - name: Serv11 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor5#dn3 } - { name: up2, type: direct, args: Tor6#dn3 } - { name: dn1, type: direct, args: Vm11a#net0 } - { name: dn2, type: direct, args: Vm11b#net0 } - name: Serv12 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor5#dn4 } - { name: up2, type: direct, args: Tor6#dn4 } - { name: dn1, type: direct, args: Vm12a#net0 } - { name: dn2, type: direct, args: Vm12b#net0 } - name: Serv13 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor7#dn1 } - { name: up2, type: direct, args: Tor8#dn1 } - { name: dn1, type: direct, args: Vm13a#net0 } - { name: dn2, type: direct, args: Vm13b#net0 } - name: Serv14 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor7#dn2 } - { name: up2, type: direct, args: Tor8#dn2 } - { name: dn1, type: direct, args: Vm14a#net0 } - { name: dn2, type: direct, args: Vm14b#net0 } - name: Serv15 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor7#dn3 } - { name: up2, type: direct, args: Tor8#dn3 } - { name: dn1, type: direct, args: Vm15a#net0 } - { name: dn2, type: direct, args: Vm15b#net0 } - name: Serv16 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor7#dn4 } - { name: up2, type: direct, args: Tor8#dn4 } - { name: dn1, type: direct, args: Vm16a#net0 } - { name: dn2, type: direct, args: Vm16b#net0 } - name: Vm1a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv1#dn1 } ] - name: Vm2a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv2#dn1 } ] - name: Vm3a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv3#dn1 } ] - name: Vm4a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv4#dn1 } ] - name: Vm5a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv5#dn1 } ] - name: Vm6a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv6#dn1 } ] - name: Vm7a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv7#dn1 } ] - name: Vm8a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv8#dn1 } ] - name: Vm9a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv9#dn1 } ] - name: Vm10a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv10#dn1 } ] - name: Vm11a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv11#dn1 } ] - name: Vm12a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv12#dn1 } ] - name: Vm13a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv13#dn1 } ] - name: Vm14a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv14#dn1 } ] - name: Vm15a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv15#dn1 } ] - name: Vm16a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv16#dn1 } ] - name: Vm1b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv1#dn2 } ] - name: Vm2b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv2#dn2 } ] - name: Vm3b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv3#dn2 } ] - name: Vm4b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv4#dn2 } ] - name: Vm5b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv5#dn2 } ] - name: Vm6b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv6#dn2 } ] - name: Vm7b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv7#dn2 } ] - name: Vm8b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv8#dn2 } ] - name: Vm9b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv9#dn2 } ] - name: Vm10b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv10#dn2 } ] - name: Vm11b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv11#dn2 } ] - name: Vm12b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv12#dn2 } ] - name: Vm13b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv13#dn2 } ] - name: Vm14b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv14#dn2 } ] - name: Vm15b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv15#dn2 } ] - name: Vm16b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv16#dn2 } ] node_configs: - name: Ext1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.254/32" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65999" -c " bgp router-id 10.255.0.254" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Spine1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.1/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65001" -c " bgp router-id 10.255.0.1" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Spine2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.2/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65002" -c " bgp router-id 10.255.0.2" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Leaf1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.11/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn5" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn6" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn7" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn8" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65011" -c " bgp router-id 10.255.0.11" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " neighbor dn5 interface peer-group FABRIC" -c " neighbor dn6 interface peer-group FABRIC" -c " neighbor dn7 interface peer-group FABRIC" -c " neighbor dn8 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Leaf2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.12/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn5" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn6" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn7" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn8" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65012" -c " bgp router-id 10.255.0.12" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " neighbor dn5 interface peer-group FABRIC" -c " neighbor dn6 interface peer-group FABRIC" -c " neighbor dn7 interface peer-group FABRIC" -c " neighbor dn8 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Leaf3 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.13/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn5" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn6" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn7" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn8" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65013" -c " bgp router-id 10.255.0.13" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " neighbor dn5 interface peer-group FABRIC" -c " neighbor dn6 interface peer-group FABRIC" -c " neighbor dn7 interface peer-group FABRIC" -c " neighbor dn8 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Leaf4 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.14/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn5" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn6" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn7" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn8" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65014" -c " bgp router-id 10.255.0.14" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " neighbor dn5 interface peer-group FABRIC" -c " neighbor dn6 interface peer-group FABRIC" -c " neighbor dn7 interface peer-group FABRIC" -c " neighbor dn8 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.31/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65031" -c " bgp router-id 10.255.0.31" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.32/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65032" -c " bgp router-id 10.255.0.32" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor3 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.33/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65033" -c " bgp router-id 10.255.0.33" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor4 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.34/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65034" -c " bgp router-id 10.255.0.34" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor5 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.35/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65035" -c " bgp router-id 10.255.0.35" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor6 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.36/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65036" -c " bgp router-id 10.255.0.36" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor7 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.37/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65037" -c " bgp router-id 10.255.0.37" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor8 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.38/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65038" -c " bgp router-id 10.255.0.38" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.201/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65201" -c " bgp router-id 10.255.0.201" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.202/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65202" -c " bgp router-id 10.255.0.202" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv3 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.203/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65203" -c " bgp router-id 10.255.0.203" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv4 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.204/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65204" -c " bgp router-id 10.255.0.204" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv5 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.205/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65205" -c " bgp router-id 10.255.0.205" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv6 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.206/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65206" -c " bgp router-id 10.255.0.206" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv7 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.207/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65207" -c " bgp router-id 10.255.0.207" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv8 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.208/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65208" -c " bgp router-id 10.255.0.208" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv9 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.209/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65209" -c " bgp router-id 10.255.0.209" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv10 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.210/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65210" -c " bgp router-id 10.255.0.210" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv11 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.211/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65211" -c " bgp router-id 10.255.0.211" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv12 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.212/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65212" -c " bgp router-id 10.255.0.212" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv13 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.213/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65213" -c " bgp router-id 10.255.0.213" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv14 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.214/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65214" -c " bgp router-id 10.255.0.214" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv15 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.215/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65215" -c " bgp router-id 10.255.0.215" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv16 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.216/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65216" -c " bgp router-id 10.255.0.216" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" test: - name: p2p cmds: - cmd: docker exec Ext1 echo slank - cmd: echo slankdev slankdev ================================================ FILE: examples/basic_clos/spec.yaml ================================================ nodes: - name: Ext1 image: slankdev/frr interfaces: # - { name: net0, type: direct, args: Internet#net0 } - { name: dn1, type: direct, args: Spine1#up1 } - { name: dn2, type: direct, args: Spine2#up1 } - name: Spine1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#dn1 } - { name: dn1, type: direct, args: Leaf1#up1 } - { name: dn2, type: direct, args: Leaf2#up1 } - { name: dn3, type: direct, args: Leaf3#up1 } - { name: dn4, type: direct, args: Leaf4#up1 } - name: Spine2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Ext1#dn2 } - { name: dn1, type: direct, args: Leaf1#up2 } - { name: dn2, type: direct, args: Leaf2#up2 } - { name: dn3, type: direct, args: Leaf3#up2 } - { name: dn4, type: direct, args: Leaf4#up2 } - name: Leaf1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn1 } - { name: up2, type: direct, args: Spine2#dn1 } - { name: dn1, type: direct, args: Tor1#up1 } - { name: dn2, type: direct, args: Tor2#up1 } - { name: dn3, type: direct, args: Tor3#up1 } - { name: dn4, type: direct, args: Tor4#up1 } - { name: dn5, type: direct, args: Tor5#up1 } - { name: dn6, type: direct, args: Tor6#up1 } - { name: dn7, type: direct, args: Tor7#up1 } - { name: dn8, type: direct, args: Tor8#up1 } - name: Leaf2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn2 } - { name: up2, type: direct, args: Spine2#dn2 } - { name: dn1, type: direct, args: Tor1#up2 } - { name: dn2, type: direct, args: Tor2#up2 } - { name: dn3, type: direct, args: Tor3#up2 } - { name: dn4, type: direct, args: Tor4#up2 } - { name: dn5, type: direct, args: Tor5#up2 } - { name: dn6, type: direct, args: Tor6#up2 } - { name: dn7, type: direct, args: Tor7#up2 } - { name: dn8, type: direct, args: Tor8#up2 } - name: Leaf3 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn3 } - { name: up2, type: direct, args: Spine2#dn3 } - { name: dn1, type: direct, args: Tor1#up3 } - { name: dn2, type: direct, args: Tor2#up3 } - { name: dn3, type: direct, args: Tor3#up3 } - { name: dn4, type: direct, args: Tor4#up3 } - { name: dn5, type: direct, args: Tor5#up3 } - { name: dn6, type: direct, args: Tor6#up3 } - { name: dn7, type: direct, args: Tor7#up3 } - { name: dn8, type: direct, args: Tor8#up3 } - name: Leaf4 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Spine1#dn4 } - { name: up2, type: direct, args: Spine2#dn4 } - { name: dn1, type: direct, args: Tor1#up4 } - { name: dn2, type: direct, args: Tor2#up4 } - { name: dn3, type: direct, args: Tor3#up4 } - { name: dn4, type: direct, args: Tor4#up4 } - { name: dn5, type: direct, args: Tor5#up4 } - { name: dn6, type: direct, args: Tor6#up4 } - { name: dn7, type: direct, args: Tor7#up4 } - { name: dn8, type: direct, args: Tor8#up4 } - name: Tor1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn1 } - { name: up2, type: direct, args: Leaf2#dn1 } - { name: up3, type: direct, args: Leaf3#dn1 } - { name: up4, type: direct, args: Leaf4#dn1 } - { name: dn1, type: direct, args: Serv1#up1 } - { name: dn2, type: direct, args: Serv2#up1 } - { name: dn3, type: direct, args: Serv3#up1 } - { name: dn4, type: direct, args: Serv4#up1 } - name: Tor2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn2 } - { name: up2, type: direct, args: Leaf2#dn2 } - { name: up3, type: direct, args: Leaf3#dn2 } - { name: up4, type: direct, args: Leaf4#dn2 } - { name: dn1, type: direct, args: Serv1#up2 } - { name: dn2, type: direct, args: Serv2#up2 } - { name: dn3, type: direct, args: Serv3#up2 } - { name: dn4, type: direct, args: Serv4#up2 } - name: Tor3 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn3 } - { name: up2, type: direct, args: Leaf2#dn3 } - { name: up3, type: direct, args: Leaf3#dn3 } - { name: up4, type: direct, args: Leaf4#dn3 } - { name: dn1, type: direct, args: Serv5#up1 } - { name: dn2, type: direct, args: Serv6#up1 } - { name: dn3, type: direct, args: Serv7#up1 } - { name: dn4, type: direct, args: Serv8#up1 } - name: Tor4 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn4 } - { name: up2, type: direct, args: Leaf2#dn4 } - { name: up3, type: direct, args: Leaf3#dn4 } - { name: up4, type: direct, args: Leaf4#dn4 } - { name: dn1, type: direct, args: Serv5#up2 } - { name: dn2, type: direct, args: Serv6#up2 } - { name: dn3, type: direct, args: Serv7#up2 } - { name: dn4, type: direct, args: Serv8#up2 } - name: Tor5 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn5 } - { name: up2, type: direct, args: Leaf2#dn5 } - { name: up3, type: direct, args: Leaf3#dn5 } - { name: up4, type: direct, args: Leaf4#dn5 } - { name: dn1, type: direct, args: Serv9#up1 } - { name: dn2, type: direct, args: Serv10#up1 } - { name: dn3, type: direct, args: Serv11#up1 } - { name: dn4, type: direct, args: Serv12#up1 } - name: Tor6 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn6 } - { name: up2, type: direct, args: Leaf2#dn6 } - { name: up3, type: direct, args: Leaf3#dn6 } - { name: up4, type: direct, args: Leaf4#dn6 } - { name: dn1, type: direct, args: Serv9#up2 } - { name: dn2, type: direct, args: Serv10#up2 } - { name: dn3, type: direct, args: Serv11#up2 } - { name: dn4, type: direct, args: Serv12#up2 } - name: Tor7 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn7 } - { name: up2, type: direct, args: Leaf2#dn7 } - { name: up3, type: direct, args: Leaf3#dn7 } - { name: up4, type: direct, args: Leaf4#dn7 } - { name: dn1, type: direct, args: Serv13#up1 } - { name: dn2, type: direct, args: Serv14#up1 } - { name: dn3, type: direct, args: Serv15#up1 } - { name: dn4, type: direct, args: Serv16#up1 } - name: Tor8 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Leaf1#dn8 } - { name: up2, type: direct, args: Leaf2#dn8 } - { name: up3, type: direct, args: Leaf3#dn8 } - { name: up4, type: direct, args: Leaf4#dn8 } - { name: dn1, type: direct, args: Serv13#up2 } - { name: dn2, type: direct, args: Serv14#up2 } - { name: dn3, type: direct, args: Serv15#up2 } - { name: dn4, type: direct, args: Serv16#up2 } - name: Serv1 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor1#dn1 } - { name: up2, type: direct, args: Tor2#dn1 } - { name: dn1, type: direct, args: Vm1a#net0 } - { name: dn2, type: direct, args: Vm1b#net0 } - name: Serv2 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor1#dn2 } - { name: up2, type: direct, args: Tor2#dn2 } - { name: dn1, type: direct, args: Vm2a#net0 } - { name: dn2, type: direct, args: Vm2b#net0 } - name: Serv3 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor1#dn3 } - { name: up2, type: direct, args: Tor2#dn3 } - { name: dn1, type: direct, args: Vm3a#net0 } - { name: dn2, type: direct, args: Vm3b#net0 } - name: Serv4 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor1#dn4 } - { name: up2, type: direct, args: Tor2#dn4 } - { name: dn1, type: direct, args: Vm4a#net0 } - { name: dn2, type: direct, args: Vm4b#net0 } - name: Serv5 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor3#dn1 } - { name: up2, type: direct, args: Tor4#dn1 } - { name: dn1, type: direct, args: Vm5a#net0 } - { name: dn2, type: direct, args: Vm5b#net0 } - name: Serv6 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor3#dn2 } - { name: up2, type: direct, args: Tor4#dn2 } - { name: dn1, type: direct, args: Vm6a#net0 } - { name: dn2, type: direct, args: Vm6b#net0 } - name: Serv7 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor3#dn3 } - { name: up2, type: direct, args: Tor4#dn3 } - { name: dn1, type: direct, args: Vm7a#net0 } - { name: dn2, type: direct, args: Vm7b#net0 } - name: Serv8 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor3#dn4 } - { name: up2, type: direct, args: Tor4#dn4 } - { name: dn1, type: direct, args: Vm8a#net0 } - { name: dn2, type: direct, args: Vm8b#net0 } - name: Serv9 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor5#dn1 } - { name: up2, type: direct, args: Tor6#dn1 } - { name: dn1, type: direct, args: Vm9a#net0 } - { name: dn2, type: direct, args: Vm9b#net0 } - name: Serv10 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor5#dn2 } - { name: up2, type: direct, args: Tor6#dn2 } - { name: dn1, type: direct, args: Vm10a#net0 } - { name: dn2, type: direct, args: Vm10b#net0 } - name: Serv11 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor5#dn3 } - { name: up2, type: direct, args: Tor6#dn3 } - { name: dn1, type: direct, args: Vm11a#net0 } - { name: dn2, type: direct, args: Vm11b#net0 } - name: Serv12 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor5#dn4 } - { name: up2, type: direct, args: Tor6#dn4 } - { name: dn1, type: direct, args: Vm12a#net0 } - { name: dn2, type: direct, args: Vm12b#net0 } - name: Serv13 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor7#dn1 } - { name: up2, type: direct, args: Tor8#dn1 } - { name: dn1, type: direct, args: Vm13a#net0 } - { name: dn2, type: direct, args: Vm13b#net0 } - name: Serv14 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor7#dn2 } - { name: up2, type: direct, args: Tor8#dn2 } - { name: dn1, type: direct, args: Vm14a#net0 } - { name: dn2, type: direct, args: Vm14b#net0 } - name: Serv15 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor7#dn3 } - { name: up2, type: direct, args: Tor8#dn3 } - { name: dn1, type: direct, args: Vm15b#net0 } - { name: dn2, type: direct, args: Vm15b#net0 } - name: Serv16 image: slankdev/frr interfaces: - { name: up1, type: direct, args: Tor7#dn4 } - { name: up2, type: direct, args: Tor8#dn4 } - { name: dn1, type: direct, args: Vm16b#net0 } - { name: dn2, type: direct, args: Vm16b#net0 } - name: Vm1a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv1#dn1 } ] - name: Vm2a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv2#dn1 } ] - name: Vm3a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv3#dn1 } ] - name: Vm4a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv4#dn1 } ] - name: Vm5a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv5#dn1 } ] - name: Vm6a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv6#dn1 } ] - name: Vm7a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv7#dn1 } ] - name: Vm8a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv8#dn1 } ] - name: Vm9a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv9#dn1 } ] - name: Vm10a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv10#dn1 } ] - name: Vm11a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv11#dn1 } ] - name: Vm12a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv12#dn1 } ] - name: Vm13a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv13#dn1 } ] - name: Vm14a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv14#dn1 } ] - name: Vm15a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv15#dn1 } ] - name: Vm16a image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv16#dn1 } ] - name: Vm1b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv1#dn2 } ] - name: Vm2b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv2#dn2 } ] - name: Vm3b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv3#dn2 } ] - name: Vm4b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv4#dn2 } ] - name: Vm5b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv5#dn2 } ] - name: Vm6b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv6#dn2 } ] - name: Vm7b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv7#dn2 } ] - name: Vm8b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv8#dn2 } ] - name: Vm9b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv9#dn2 } ] - name: Vm10b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv10#dn2 } ] - name: Vm11b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv11#dn2 } ] - name: Vm12b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv12#dn2 } ] - name: Vm13b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv13#dn2 } ] - name: Vm14b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv14#dn2 } ] - name: Vm15b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv15#dn2 } ] - name: Vm16b image: slankdev/frr interfaces: [ { name: net0, type: direct, args: Serv16#dn2 } ] node_configs: - name: Ext1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.254/32" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65999" -c " bgp router-id 10.255.0.254" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Spine1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.1/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65001" -c " bgp router-id 10.255.0.1" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Spine2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.2/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65002" -c " bgp router-id 10.255.0.2" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Leaf1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.11/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn5" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn6" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn7" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn8" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65011" -c " bgp router-id 10.255.0.11" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " neighbor dn5 interface peer-group FABRIC" -c " neighbor dn6 interface peer-group FABRIC" -c " neighbor dn7 interface peer-group FABRIC" -c " neighbor dn8 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Leaf2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.12/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn5" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn6" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn7" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn8" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65012" -c " bgp router-id 10.255.0.12" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " neighbor dn5 interface peer-group FABRIC" -c " neighbor dn6 interface peer-group FABRIC" -c " neighbor dn7 interface peer-group FABRIC" -c " neighbor dn8 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Leaf3 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.13/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn5" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn6" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn7" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn8" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65013" -c " bgp router-id 10.255.0.13" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " neighbor dn5 interface peer-group FABRIC" -c " neighbor dn6 interface peer-group FABRIC" -c " neighbor dn7 interface peer-group FABRIC" -c " neighbor dn8 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Leaf4 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.14/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn5" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn6" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn7" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn8" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65014" -c " bgp router-id 10.255.0.14" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " neighbor dn5 interface peer-group FABRIC" -c " neighbor dn6 interface peer-group FABRIC" -c " neighbor dn7 interface peer-group FABRIC" -c " neighbor dn8 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.31/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65031" -c " bgp router-id 10.255.0.31" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.32/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65032" -c " bgp router-id 10.255.0.32" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor3 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.33/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65033" -c " bgp router-id 10.255.0.33" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor4 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.34/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65034" -c " bgp router-id 10.255.0.34" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor5 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.35/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65035" -c " bgp router-id 10.255.0.35" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor6 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.36/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65036" -c " bgp router-id 10.255.0.36" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor7 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.37/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65037" -c " bgp router-id 10.255.0.37" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Tor8 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.38/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn3" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int dn4" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65038" -c " bgp router-id 10.255.0.38" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " neighbor up3 interface peer-group FABRIC" -c " neighbor up4 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " neighbor dn2 interface peer-group FABRIC" -c " neighbor dn3 interface peer-group FABRIC" -c " neighbor dn4 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv1 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.201/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65201" -c " bgp router-id 10.255.0.201" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv2 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.202/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65202" -c " bgp router-id 10.255.0.202" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv3 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.203/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65203" -c " bgp router-id 10.255.0.203" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv4 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.204/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65204" -c " bgp router-id 10.255.0.204" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv5 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.205/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65205" -c " bgp router-id 10.255.0.205" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv6 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.206/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65206" -c " bgp router-id 10.255.0.206" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv7 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.207/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65207" -c " bgp router-id 10.255.0.207" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv8 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.208/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65208" -c " bgp router-id 10.255.0.208" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv9 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.209/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65209" -c " bgp router-id 10.255.0.209" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv10 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.210/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65210" -c " bgp router-id 10.255.0.210" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv11 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.211/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65211" -c " bgp router-id 10.255.0.211" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv12 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.212/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65212" -c " bgp router-id 10.255.0.212" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv13 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.213/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65213" -c " bgp router-id 10.255.0.213" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv14 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.214/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65214" -c " bgp router-id 10.255.0.214" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv15 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.215/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65215" -c " bgp router-id 10.255.0.215" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" - name: Serv16 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c "ip addr 10.255.0.216/32" -c "int up1" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "int up2" -c "ipv6 nd ra-interval 1" -c "no ipv6 nd suppress-ra" -c "router bgp 65216" -c " bgp router-id 10.255.0.216" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor up2 interface peer-group FABRIC" -c " address-family ipv4 unicast" -c " redistribute connected route-map redis_lo" -c " exit-address-family" -c "route-map redis_lo permit 10" -c " match interface lo" test: - name: p2p cmds: - cmd: docker exec Ext1 echo slank - cmd: echo slankdev slankdev ================================================ FILE: examples/basic_conntrack/connection_sync/Makefile ================================================ NAME=N1 log_N1: while :; do \ docker exec $(NAME) vtysh -c 'conf te' -c 'log file /tmp/frr.log'; \ docker exec -it $(NAME) tail -f /tmp/frr.log; \ sleep 1 ; done ================================================ FILE: examples/basic_conntrack/connection_sync/README.md ================================================ # Connection Sync with conntrackd and keepalived ``` tn upconf | sudo sh ``` ================================================ FILE: examples/basic_conntrack/connection_sync/spec.yaml ================================================ nodes: - name: C1 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: S1#net0, } - name: C2 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: S2#net0, } - name: S1 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: C1#net0, } - { name: net1, type: direct, args: N1#net0, } - { name: net2, type: direct, args: N2#net0, } - name: S2 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: C2#net0, } - { name: net1, type: direct, args: N1#net1, } - { name: net2, type: direct, args: N2#net1, } - name: N1 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: S1#net1, } - { name: net1, type: direct, args: S2#net1, } - { name: fab0, type: direct, args: N2#fab0, } - name: N2 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: S1#net2, } - { name: net1, type: direct, args: S2#net2, } - { name: fab0, type: direct, args: N1#fab0, } node_configs: - name: C1 cmds: - cmd: ip addr add 8.8.8.8/32 dev lo - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 1" -c " bgp router-id 10.255.0.1" -c " bgp bestpath as-path multipath-relax" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" -c "!" -c "do write" - cmd: sh -c "echo It works > index.html" - cmd: nohup python3 -m http.server 80 & - name: C2 cmds: - cmd: ip addr add 10.0.0.1/32 dev lo - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 2" -c " bgp router-id 10.255.0.2" -c " bgp bestpath as-path multipath-relax" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" -c "!" -c "do write" - name: S1 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 3" -c " bgp router-id 10.255.0.3" -c " bgp bestpath as-path multipath-relax" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " neighbor net1 interface peer-group FABRIC" -c " neighbor net2 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" -c "!" -c "do write" - name: S2 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 4" -c " bgp router-id 10.255.0.4" -c " bgp bestpath as-path multipath-relax" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor net0 interface peer-group FABRIC" -c " neighbor net1 interface peer-group FABRIC" -c " neighbor net2 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " exit-address-family" -c "!" -c "do write" - name: N1 cmds: - cmd: ip addr add 99.0.0.1/24 dev fab0 - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 5" -c " bgp router-id 10.255.0.5" -c " bgp bestpath as-path multipath-relax" -c " neighbor net0 interface remote-as external" -c " neighbor net1 interface remote-as external" -c " !" -c " address-family ipv4 unicast" -c " network 0.0.0.0/0" -c " redistribute connected" -c " neighbor net0 route-map MAP1 out" -c " neighbor net1 route-map MAP2 out" -c " exit-address-family" -c "!" -c "route-map MAP1 permit 1" -c " match ip address prefix-list PLIST1" -c "!" -c "route-map MAP2 permit 1" -c " match ip address prefix-list PLIST2" -c "!" -c "ip prefix-list PLIST1 seq 5 permit 20.0.0.0/8 ge 24" -c "ip prefix-list PLIST2 seq 5 permit 0.0.0.0/0" -c "!" -c "do write" - cmd: ip addr add 20.0.0.1/32 dev lo - cmd: ip addr add 20.0.0.2/32 dev lo - cmd: iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j SNAT -p tcp --to-source 20.0.0.1:10000-20008 - name: N2 cmds: - cmd: ip addr add 99.0.0.2/24 dev fab0 - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip addr add 20.0.0.1/32 dev lo - cmd: ip addr add 20.0.0.2/32 dev lo - cmd: iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j SNAT -p tcp --to-source 20.0.0.1:10000-20008 ================================================ FILE: examples/basic_coredns/blacklist/Corefile.NS1 ================================================ .:53 { errors log forward . 8.8.8.8 } ichihara.org { etcd ichihara.org { path /dns-server01 endpoint http://10.0.0.100:2379 } } emacs.org { } sublimetext.com { } ================================================ FILE: examples/basic_coredns/blacklist/README.md ================================================ # CoreDNS example (very simple blacklist) ![](topo.png) - Blacklisted - emacs.org - sublimetext.com ``` docker exec R1 nslookup slank.dev docker exec R1 nslookup test1.ichihara.org docker exec R1 nslookup test2.ichihara.org docker exec R1 nslookup www.vim.org docker exec R1 nslookup emacs.org docker exec R1 nslookup sublimetext.com ``` ================================================ FILE: examples/basic_coredns/blacklist/spec.yaml ================================================ postinit: - cmds: - cmd: docker cp Corefile.NS1 NS1:/Corefile # - cmd: docker cp Corefile.NS2 NS2:/Corefile # - cmd: docker cp Corefile.NS3 NS3:/Corefile nodes: - name: S1 image: slankdev/coredns:centos-7 interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: NS1#net0 } - { name: net2, type: direct, args: NS2#net0 } - { name: net3, type: direct, args: NS3#net0 } - { name: net4, type: direct, args: KVS#net0 } - name: R1 image: slankdev/coredns:centos-7 interfaces: - { name: net0, type: direct, args: S1#net0 } - name: KVS image: slankdev/etcd:centos-7 interfaces: - { name: net0, type: direct, args: S1#net4 } - name: NS1 image: slankdev/coredns:centos-7 net_base: bridge interfaces: - { name: net0, type: direct, args: S1#net1 } - name: NS2 image: slankdev/coredns:centos-7 net_base: bridge interfaces: - { name: net0, type: direct, args: S1#net2 } - name: NS3 image: slankdev/coredns:centos-7 net_base: bridge interfaces: - { name: net0, type: direct, args: S1#net3 } node_configs: - name: S1 cmds: - cmd: ip link add br0 type bridge - cmd: ip link set br0 up - cmd: ip link set net0 master br0 - cmd: ip link set net1 master br0 - cmd: ip link set net2 master br0 - cmd: ip link set net3 master br0 - cmd: ip link set net4 master br0 - name: KVS cmds: - cmd: ip addr add 10.0.0.100/24 dev net0 - cmd: >- nohup etcd --listen-peer-urls="http://10.0.0.100:2380" --listen-client-urls="http://10.0.0.100:2379" --advertise-client-urls="http://10.0.0.100:2379" & - cmd: sleep 3 - cmd: etcdctl --endpoints="http://10.0.0.100:2379" put /dns-server01/org/ichihara/test1/server01 '{"host":"99.1.0.1","port":80}' - cmd: etcdctl --endpoints="http://10.0.0.100:2379" put /dns-server01/org/ichihara/test1/server02 '{"host":"99.1.0.2","port":80}' - cmd: etcdctl --endpoints="http://10.0.0.100:2379" put /dns-server01/org/ichihara/test2/server01 '{"host":"99.2.0.2","port":80}' - name: NS1 cmds: - cmd: ip addr add 10.0.0.254/24 dev net0 - cmd: nohup coredns -conf /Corefile & - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: sh -c 'echo nameserver 10.0.0.254 > /etc/resolv.conf' ================================================ FILE: examples/basic_ebgp/spec.yaml ================================================ # DESCRIPTION: BGP network using FRR # # INIT: # cns spec.yaml init | sudo sh # cns spec.yaml conf | sudo sh # cns spec.yaml test | sudo sh # # FINI: # cns spec.yaml fini | sudo sh # # TOPO: # # vlan1:10.0.0.0/24 # .1(net0) .2(net0) # R0(AS100)------------------R1(AS200) # (net1).1| |.1(net1) # | | # vlan1:10.1.0.0/24 | | vlan1:10.2.0.0/24 # | | # (net0).2| |.2(net0) # R2(AS300) R3(AS400) # (net1).1| |.1(net1) # | | # vlan1:10.3.0.0/24 | | vlan1:10.4.0.0/24 # | | # (net0).2| |.2(net0) # C0 C1 # nodes: - name: R0 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R2#net0 } - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R0#net0 } - { name: net1, type: direct, args: R3#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R0#net1 } - { name: net1, type: direct, args: C0#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: C1#net0 } - name: C0 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R2#net1 } - name: C1 image: slankdev/ubuntu:16.04 interfaces: - { name: net0, type: direct, args: R3#net1 } node_configs: - name: R0 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: >- vtysh -c "conf t" -c "router bgp 100" -c "bgp router-id 1.1.1.1" -c "neighbor 10.0.0.2 remote-as 200" -c "neighbor 10.1.0.2 remote-as 300" -c "network 10.1.0.0/24" -c "network 10.1.2.0/24" - name: R1 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: >- vtysh -c "conf t" -c "router bgp 200" -c "bgp router-id 2.2.2.2" -c "neighbor 10.0.0.1 remote-as 100" -c "neighbor 10.2.0.2 remote-as 400" -c "network 10.2.0.0/24" -c "network 10.2.4.0/24" - name: R2 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip addr add 10.3.0.1/24 dev net1 - cmd: >- vtysh -c "conf t" -c "router bgp 300" -c "bgp router-id 3.3.3.3" -c "neighbor 10.1.0.1 remote-as 100" -c "network 10.3.0.0/24" - name: R3 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip addr add 10.4.0.1/24 dev net1 - cmd: >- vtysh -c "conf t" -c "router bgp 400" -c "bgp router-id 4.4.4.4" -c "neighbor 10.2.0.1 remote-as 200" -c "network 10.4.0.0/24" - name: C0 cmds: - cmd: ip addr add 10.3.0.2/24 dev net0 - cmd: ip route del default - cmd: ip route add default via 10.3.0.1 - name: C1 cmds: - cmd: ip addr add 10.4.0.2/24 dev net0 - cmd: ip route del default - cmd: ip route add default via 10.4.0.1 test: - cmds: - cmd: docker exec C0 ping -c2 10.4.0.2 ================================================ FILE: examples/basic_ecmp/README.md ================================================ ![](topo.jpeg) ================================================ FILE: examples/basic_ecmp/scale.diff ================================================ diff --git a/examples/basic_ecmp/spec.yaml b/examples/basic_ecmp/spec.yaml index c2c0bd2..79ab538 100644 --- a/examples/basic_ecmp/spec.yaml +++ b/examples/basic_ecmp/spec.yaml @@ -38,6 +38,16 @@ nodes: interfaces: - { name: net0, type: direct, args: R3#net1 } + - name: R4 + image: slankdev/frr + interfaces: + - { name: net0, type: bridge, args: B0 } + - { name: net1, type: direct, args: S4#net0 } + - name: S4 + image: tmp + interfaces: + - { name: net0, type: direct, args: R4#net1 } + switches: - name: B0 interfaces: @@ -45,6 +55,7 @@ switches: - { name: net0, type: container, args: R1 } - { name: net0, type: container, args: R2 } - { name: net0, type: container, args: R3 } + - { name: net0, type: container, args: R4 } node_configs: - name: S0 @@ -123,6 +134,26 @@ node_configs: - cmd: sh -c "echo S3 > index.html" - cmd: nohup python3 -m http.server 80 & + - name: R4 + cmds: + - cmd: /usr/lib/frr/frr start + - cmd: ip addr add 10.255.0.40/32 dev lo + - cmd: ip addr add 10.0.0.40/24 dev net0 + - cmd: ip addr add 192.168.0.1/24 dev net1 + - cmd: ip route replace default via 10.0.0.1 + - cmd: >- + vtysh -c 'conf t' + -c 'router bgp 100' + -c ' bgp router-id 10.255.0.40' + -c ' neighbor 10.0.0.1 remote-as 100' + -c ' network 192.168.0.2/32' + - name: S4 + cmds: + - cmd: ip addr add 192.168.0.2/24 dev net0 + - cmd: ip route replace default via 192.168.0.1 + - cmd: sh -c "echo S4 > index.html" + - cmd: nohup python3 -m http.server 80 & + test: - cmds: # local link ================================================ FILE: examples/basic_ecmp/spec.yaml ================================================ # http://www.asciiflow.com nodes: - name: S0 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R0#net1 } - name: R0 image: slankdev/frr interfaces: - { name: net1, type: direct, args: S0#net0 } - { name: net0, type: bridge, args: B0 } - name: R1 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: S1#net0 } - name: S1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net1 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: S2#net0 } - name: S2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net1 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: S3#net0 } - name: S3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R3#net1 } switches: - name: B0 interfaces: - { name: net0, type: container, args: R0 } - { name: net0, type: container, args: R1 } - { name: net0, type: container, args: R2 } - { name: net0, type: container, args: R3 } node_configs: - name: S0 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip route replace default via 10.1.0.1 - name: R0 cmds: - cmd: sysctl -w 'net.ipv4.fib_multipath_hash_policy=1' - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.255.0.1/32 dev lo - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: >- vtysh -c 'conf t' -c 'router bgp 100' -c ' bgp router-id 10.255.0.1' -c ' neighbor 10.0.0.10 remote-as 100' -c ' neighbor 10.0.0.20 remote-as 100' -c ' neighbor 10.0.0.30 remote-as 100' - cmd: vtysh -c "do write mem" - name: R1 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.255.0.10/32 dev lo - cmd: ip addr add 10.0.0.10/24 dev net0 - cmd: ip addr add 192.168.0.1/24 dev net1 - cmd: ip route replace default via 10.0.0.1 - cmd: >- vtysh -c 'conf t' -c 'router bgp 100' -c ' bgp router-id 10.255.0.10' -c ' neighbor 10.0.0.1 remote-as 100' -c ' network 192.168.0.2/32' - name: S1 cmds: - cmd: ip addr add 192.168.0.2/24 dev net0 - cmd: ip route replace default via 192.168.0.1 - cmd: sh -c "echo S1 > index.html" - cmd: nohup python3 -m http.server 80 & - name: R2 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.255.0.20/32 dev lo - cmd: ip addr add 10.0.0.20/24 dev net0 - cmd: ip addr add 192.168.0.1/24 dev net1 - cmd: ip route replace default via 10.0.0.1 - cmd: >- vtysh -c 'conf t' -c 'router bgp 100' -c ' bgp router-id 10.255.0.20' -c ' neighbor 10.0.0.1 remote-as 100' -c ' network 192.168.0.2/32' - name: S2 cmds: - cmd: ip addr add 192.168.0.2/24 dev net0 - cmd: ip route replace default via 192.168.0.1 - cmd: sh -c "echo S2 > index.html" - cmd: nohup python3 -m http.server 80 & - name: R3 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.255.0.30/32 dev lo - cmd: ip addr add 10.0.0.30/24 dev net0 - cmd: ip addr add 192.168.0.1/24 dev net1 - cmd: ip route replace default via 10.0.0.1 - cmd: >- vtysh -c 'conf t' -c 'router bgp 100' -c ' bgp router-id 10.255.0.30' -c ' neighbor 10.0.0.1 remote-as 100' -c ' network 192.168.0.2/32' - name: S3 cmds: - cmd: ip addr add 192.168.0.2/24 dev net0 - cmd: ip route replace default via 192.168.0.1 - cmd: sh -c "echo S3 > index.html" - cmd: nohup python3 -m http.server 80 & test: - cmds: # local link - cmd: docker exec S0 ping -c2 10.1.0.1 - cmd: docker exec S1 ping -c2 192.168.0.1 - cmd: docker exec S2 ping -c2 192.168.0.1 - cmd: docker exec S3 ping -c2 192.168.0.1 - cmd: docker exec R0 ping -c2 10.1.0.2 - cmd: docker exec R0 ping -c2 10.0.0.10 - cmd: docker exec R0 ping -c2 10.0.0.20 - cmd: docker exec R0 ping -c2 10.0.0.30 - cmd: docker exec R1 ping -c2 192.168.0.2 - cmd: docker exec R1 ping -c2 10.0.0.1 - cmd: docker exec R1 ping -c2 10.0.0.10 - cmd: docker exec R1 ping -c2 10.0.0.20 - cmd: docker exec R1 ping -c2 10.0.0.30 - cmd: docker exec R2 ping -c2 10.0.0.1 - cmd: docker exec R2 ping -c2 10.0.0.10 - cmd: docker exec R2 ping -c2 10.0.0.20 - cmd: docker exec R2 ping -c2 10.0.0.30 - cmd: docker exec R3 ping -c2 10.0.0.1 - cmd: docker exec R3 ping -c2 10.0.0.10 - cmd: docker exec R3 ping -c2 10.0.0.20 - cmd: docker exec R3 ping -c2 10.0.0.30 # remote link - cmd: docker exec S0 ping -c2 192.168.0.2 ================================================ FILE: examples/basic_evpn/README.md ================================================ # EVPN ![](./topo.png) ================================================ FILE: examples/basic_evpn/spec.yaml ================================================ nodes: - name: RR image: slankdev/frr interfaces: - { name: net0, type: bridge, args: BB_SW } - name: R1 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: BB_SW } - { name: net1, type: direct, args: C1#net0 } - { name: net2, type: direct, args: C2#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: BB_SW } - { name: net1, type: direct, args: C3#net0 } - { name: net2, type: direct, args: C4#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: bridge, args: BB_SW } - { name: net1, type: direct, args: C5#net0 } - { name: net2, type: direct, args: C6#net0 } - name: C1 image: slankdev/ubuntu:18.04 interfaces: [ { name: net0, type: direct, args: R1#net1 } ] - name: C2 image: slankdev/ubuntu:18.04 interfaces: [ { name: net0, type: direct, args: R1#net2 } ] - name: C3 image: slankdev/ubuntu:18.04 interfaces: [ { name: net0, type: direct, args: R2#net1 } ] - name: C4 image: slankdev/ubuntu:18.04 interfaces: [ { name: net0, type: direct, args: R2#net2 } ] - name: C5 image: slankdev/ubuntu:18.04 interfaces: [ { name: net0, type: direct, args: R3#net1 } ] - name: C6 image: slankdev/ubuntu:18.04 interfaces: [ { name: net0, type: direct, args: R3#net2 } ] switches: - name: BB_SW interfaces: - { name: net0, type: container, args: R1 } - { name: net0, type: container, args: R2 } - { name: net0, type: container, args: R3 } - { name: net0, type: container, args: RR } node_configs: - name: RR cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip link set net0 address 52:54:00:ff:00:00 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c " ip address 10.255.0.254/32" -c " exit" -c "int net0" -c " ip address 10.0.0.254/24" -c " exit" -c "ip route 10.255.0.1/32 10.0.0.1" -c "ip route 10.255.0.2/32 10.0.0.2" -c "ip route 10.255.0.3/32 10.0.0.3" -c "router bgp 65001" -c " bgp router-id 10.255.0.254" -c " neighbor 10.255.0.1 remote-as internal" -c " neighbor 10.255.0.1 update-source lo" -c " neighbor 10.255.0.2 remote-as internal" -c " neighbor 10.255.0.2 update-source lo" -c " neighbor 10.255.0.3 remote-as internal" -c " neighbor 10.255.0.3 update-source lo" -c " address-family ipv4 unicast" -c " neighbor 10.255.0.1 activate" -c " neighbor 10.255.0.1 route-reflector-client" -c " neighbor 10.255.0.2 activate" -c " neighbor 10.255.0.2 route-reflector-client" -c " neighbor 10.255.0.3 activate" -c " neighbor 10.255.0.3 route-reflector-client" -c " exit-address-family" -c " address-family l2vpn evpn" -c " neighbor 10.255.0.1 activate" -c " neighbor 10.255.0.1 route-reflector-client" -c " neighbor 10.255.0.2 activate" -c " neighbor 10.255.0.2 route-reflector-client" -c " neighbor 10.255.0.3 activate" -c " neighbor 10.255.0.3 route-reflector-client" -c " advertise-all-vni" -c " exit-address-family" - name: R1 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip link set net0 address 52:54:00:aa:01:00 - cmd: ip link set net1 address 52:54:00:aa:01:01 - cmd: ip link set net2 address 52:54:00:aa:01:02 - cmd: /usr/lib/frr/frr start - cmd: ip link add br100 type bridge - cmd: ip link set dev br100 up - cmd: ip addr add 10.100.0.1/16 dev br100 - cmd: >- ip link add vxlan100 type vxlan id 100 dstport 4789 local 10.255.0.1 - cmd: ip link add br200 type bridge - cmd: ip link set dev br200 up - cmd: ip addr add 10.200.0.1/16 dev br200 - cmd: >- ip link add vxlan200 type vxlan id 200 dstport 4789 local 10.255.0.1 - cmd: ip link set dev net1 master br100 - cmd: ip link set dev net1 promisc on - cmd: ip link set dev net1 up - cmd: ip link set dev vxlan100 master br100 - cmd: ip link set dev vxlan100 promisc on - cmd: ip link set dev vxlan100 up - cmd: ip link set dev net2 master br200 - cmd: ip link set dev net2 promisc on - cmd: ip link set dev net2 up - cmd: ip link set dev vxlan200 master br200 - cmd: ip link set dev vxlan200 promisc on - cmd: ip link set dev vxlan200 up - cmd: >- vtysh -c "conf t" -c "int lo" -c " ip address 10.255.0.1/32" -c " exit" -c "int net0" -c " ip address 10.0.0.1/24" -c " exit" -c "ip route 10.255.0.254/32 10.0.0.254" -c "ip route 10.255.0.2/32 10.0.0.2" -c "ip route 10.255.0.3/32 10.0.0.3" -c "router bgp 65001" -c " bgp router-id 10.255.0.1" -c " neighbor 10.255.0.254 remote-as internal" -c " neighbor 10.255.0.254 update-source lo" -c " address-family l2vpn evpn" -c " neighbor 10.255.0.254 activate" -c " advertise-all-vni" -c " exit-address-family" - name: R2 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip link set net0 address 52:54:00:aa:02:00 - cmd: ip link set net1 address 52:54:00:aa:02:01 - cmd: ip link set net2 address 52:54:00:aa:02:02 - cmd: /usr/lib/frr/frr start - cmd: ip link add br100 type bridge - cmd: ip link set dev br100 up - cmd: ip addr add 10.100.0.2/16 dev br100 - cmd: >- ip link add vxlan100 type vxlan id 100 dstport 4789 local 10.255.0.2 - cmd: ip link add br200 type bridge - cmd: ip link set dev br200 up - cmd: ip addr add 10.200.0.2/16 dev br200 - cmd: >- ip link add vxlan200 type vxlan id 200 dstport 4789 local 10.255.0.2 - cmd: ip link set dev net1 master br100 - cmd: ip link set dev net1 promisc on - cmd: ip link set dev net1 up - cmd: ip link set dev vxlan100 master br100 - cmd: ip link set dev vxlan100 promisc on - cmd: ip link set dev vxlan100 up - cmd: ip link set dev net2 master br200 - cmd: ip link set dev net2 promisc on - cmd: ip link set dev net2 up - cmd: ip link set dev vxlan200 master br200 - cmd: ip link set dev vxlan200 promisc on - cmd: ip link set dev vxlan200 up - cmd: >- vtysh -c "conf t" -c "int lo" -c " ip address 10.255.0.2/32" -c " exit" -c "int net0" -c " ip address 10.0.0.2/24" -c " exit" -c "ip route 10.255.0.254/32 10.0.0.254" -c "ip route 10.255.0.1/32 10.0.0.1" -c "ip route 10.255.0.3/32 10.0.0.3" -c "router bgp 65001" -c " bgp router-id 10.255.0.2" -c " neighbor 10.255.0.254 remote-as internal" -c " neighbor 10.255.0.254 update-source lo" -c " address-family l2vpn evpn" -c " neighbor 10.255.0.254 activate" -c " advertise-all-vni" -c " exit-address-family" - name: R3 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip link set net0 address 52:54:00:aa:03:00 - cmd: ip link set net1 address 52:54:00:aa:03:01 - cmd: ip link set net2 address 52:54:00:aa:03:02 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c "conf t" -c "int lo" -c " ip address 10.255.0.3/32" -c " exit" -c "int net0" -c " ip address 10.0.0.3/24" -c " exit" -c "ip route 10.255.0.254/32 10.0.0.254" -c "ip route 10.255.0.1/32 10.0.0.1" -c "ip route 10.255.0.2/32 10.0.0.2" -c "router bgp 65001" -c " bgp router-id 10.255.0.3" -c " neighbor 10.255.0.254 remote-as internal" -c " neighbor 10.255.0.254 update-source lo" -c " address-family l2vpn evpn" -c " neighbor 10.255.0.254 activate" -c " advertise-all-vni" -c " exit-address-family" - name: C1 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip link set net0 address 52:54:00:bb:01:00 - cmd: ip addr add 10.100.1.1/16 dev net0 - name: C2 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip link set net0 address 52:54:00:bb:02:00 - cmd: ip addr add 10.200.1.2/16 dev net0 - name: C3 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip link set net0 address 52:54:00:bb:03:00 - cmd: ip addr add 10.100.2.3/16 dev net0 - name: C4 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip link set net0 address 52:54:00:bb:04:00 - cmd: ip addr add 10.200.2.4/16 dev net0 # test: # - cmds: # - cmd: docker exec R0 ping -c2 10.0.0.2 # - cmd: docker exec R0 ping -c2 2.2.2.2 # - cmd: docker exec R1 ping -c2 1.1.1.1 # - cmd: docker exec C0 ping -c2 192.168.0.20 # - cmd: docker exec C1 ping -c2 192.168.0.2 ================================================ FILE: examples/basic_exabgp/Makefile ================================================ exabgp: exabgp ./exabgp.conf PCAP_PATH=/vagrant getcapture: tcpdump -ni net0 -w $(PCAP_PATH)/in.pcap & exabgp ./exabgp.conf & sleep 2 killall tcpdump killall python3 show: docker exec R1 vtysh -c 'sh bgp ipv4 uni' ================================================ FILE: examples/basic_exabgp/README.md ================================================ # ExaBGP test ``` tn upconf | sudo sh docker_mount_netns R2 ns0 ip netns exec ns0 bash make //execute exabgp make getcapture //execute exabgp and pcap. ``` ================================================ FILE: examples/basic_exabgp/daemons.R1 ================================================ # This file tells the frr package which daemons to start. # # Sample configurations for these daemons can be found in # /usr/share/doc/frr/examples/. # # ATTENTION: # # When activating a daemon for the first time, a config file, even if it is # empty, has to be present *and* be owned by the user and group "frr", else # the daemon will not be started by /etc/init.d/frr. The permissions should # be u=rw,g=r,o=. # When using "vtysh" such a config file is also needed. It should be owned by # group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too. # # The watchfrr and zebra daemons are always started. # bgpd=yes ospfd=no ospf6d=no ripd=no ripngd=no isisd=no pimd=no ldpd=no nhrpd=no eigrpd=no babeld=no sharpd=no pbrd=no bfdd=no fabricd=no vrrpd=no # # If this option is set the /etc/init.d/frr script automatically loads # the config via "vtysh -b" when the servers are started. # Check /etc/pam.d/frr if you intend to use "vtysh"! # vtysh_enable=yes zebra_options=" -A 127.0.0.1 -s 90000000" bgpd_options=" -A 127.0.0.1" ospfd_options=" -A 127.0.0.1" ospf6d_options=" -A ::1" ripd_options=" -A 127.0.0.1" ripngd_options=" -A ::1" isisd_options=" -A 127.0.0.1" pimd_options=" -A 127.0.0.1" ldpd_options=" -A 127.0.0.1" nhrpd_options=" -A 127.0.0.1" eigrpd_options=" -A 127.0.0.1" babeld_options=" -A 127.0.0.1" sharpd_options=" -A 127.0.0.1" pbrd_options=" -A 127.0.0.1" staticd_options="-A 127.0.0.1" bfdd_options=" -A 127.0.0.1" fabricd_options="-A 127.0.0.1" vrrpd_options=" -A 127.0.0.1" # configuration profile # #frr_profile="traditional" #frr_profile="datacenter" # # This is the maximum number of FD's that will be available. # Upon startup this is read by the control files and ulimit # is called. Uncomment and use a reasonable value for your # setup if you are expecting a large number of peers in # say BGP. #MAX_FDS=1024 # The list of daemons to watch is automatically generated by the init script. ##watchfrr_options="" # for debugging purposes, you can specify a "wrap" command to start instead # of starting the daemon directly, e.g. to use valgrind on ospfd: # ospfd_wrap="/usr/bin/valgrind" # or you can use "all_wrap" for all daemons, e.g. to use perf record: # all_wrap="/usr/bin/perf record --call-graph -" # the normal daemon command is added to this at the end. ================================================ FILE: examples/basic_exabgp/exabgp.conf ================================================ neighbor 10.0.0.1 { router-id 2.2.2.2; local-address 10.0.0.2; local-as 2; peer-as 1; #capability { # nexthop true; #} family { ipv4 unicast; ipv4 mpls-vpn; } nexthop { #ipv4 unicast ipv6; #ipv4 mpls-vpn ipv6; } static { #route 1.1.1.1/32 next-hop 2.2.2.2; #route 1.1.1.3/32 next-hop 2.2.2.2 bgp-prefix-sid [ 888 ]; #route 1.1.1.6/32 next-hop 3.3.3.3 bgp-prefix-sid-srv6 ( ipv6 A:: ); #route 2.2.2.2/32 rd 1:1 nexthop 2.2.2.2 extended-community [0x ] #route 1.1.1.10/32 next-hop cafe::1; #route 10.0.0.0/24 rd 65000:1 next-hop 200.10.0.101 extended-community [ 0x0002fde800000001 ] label 3 bgp-prefix-sid-srv6 ( vpn A:: ); #route 10.0.0.0/24 rd 65000:1 next-hop 200.10.0.101 extended-community [ 0x0002fde800000001 ] label 3 bgp-prefix-sid-srv6 ( l3vpn A:: ); route 10.0.0.0/24 rd 1:1 next-hop cafe::1 extended-community [ 0x0002fde800000001 ] label 3 bgp-prefix-sid-srv6 ( l3vpn 2001:1::10 ); } } ================================================ FILE: examples/basic_exabgp/exabgp.conf.R2 ================================================ neighbor 10.0.0.1 { router-id 2.2.2.2; local-address 10.0.0.2; local-as 2; peer-as 1; #graceful-restart; static { route 8.8.8.8/32 next-hop 10.0.0.2; } } ================================================ FILE: examples/basic_exabgp/frr.conf.R1 ================================================ hostname R1 log file /tmp/frr.log ! int net0 ip address 10.0.0.1/24 no shutdown ! router bgp 1 bgp router-id 1.1.1.1 neighbor 10.0.0.2 remote-as 2 neighbor 10.0.0.2 capability extended-nexthop ! address-family ipv4 unicast redistribute kernel exit-address-family ! address-family ipv4 vpn neighbor 10.0.0.2 activate exit-address-family ! line vty ! ================================================ FILE: examples/basic_exabgp/spec.yaml ================================================ postinit: - cmds: - cmd: docker cp daemons.R1 R1:/etc/frr/daemons - cmd: docker cp frr.conf.R1 R1:/etc/frr/frr.conf - cmd: docker cp exabgp.conf.R2 R2:/root/exabgp.conf nodes: - name: R1 # image: slankdev/centos-frr-dev:7 image: slankdev/frr:centos-7-latest interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/exabgp interfaces: - { name: net0, type: direct, args: R1#net0 } node_configs: - name: R1 cmds: - cmd: sysctl -w 'net.ipv6.conf.net0.disable_ipv6=0' - cmd: /usr/lib/frr/frrinit.sh start - name: R2 cmds: - cmd: sysctl -w 'net.ipv6.conf.net0.disable_ipv6=0' - cmd: ip addr add 10.0.0.2/24 dev net0 ================================================ FILE: examples/basic_fq_codel/README.md ================================================ # FQ-Codel demonstration Simple demonstration of the [FQ-Codel](https://www.bufferbloat.net/projects/codel/wiki/) that solves bufferbloat problem. You can try the [bufferbloat demonstration](https://github.com/tinynetwork/tinet/tree/master/examples/basic_bufferbloat) first and compare what happened after fq_codel is enabled. ![](./topo.png) ================================================ FILE: examples/basic_fq_codel/spec.yaml ================================================ nodes: - name: R1 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: C1#net0 } - { name: net2, type: direct, args: C2#net0 } - name: R2 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: C3#net0 } - { name: net2, type: direct, args: C4#net0 } - name: C1 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R1#net1 } - name: C2 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R1#net2 } - name: C3 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R2#net1 } - name: C4 image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: R2#net2 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net1 - cmd: ip addr add 10.0.1.1/24 dev net2 - cmd: ip addr add 10.0.2.1/24 dev net0 - cmd: ip route add default via 10.0.2.2 - cmd: "tc qdisc add dev net0 root handle 1: htb default 1" - cmd: "tc class add dev net0 parent 1: classid 1:1 htb rate 500mbit quantum 1514" - cmd: "tc qdisc add dev net0 parent 1:1 fq_codel" - name: R2 cmds: - cmd: ip addr add 10.0.2.2/24 dev net0 - cmd: ip addr add 10.0.3.1/24 dev net1 - cmd: ip addr add 10.0.4.1/24 dev net2 - cmd: ip route add default via 10.0.2.1 - cmd: "tc qdisc add dev net0 root handle 1: htb default 1" - cmd: "tc class add dev net0 parent 1: classid 1:1 htb rate 500mbit quantum 1514" - cmd: "tc qdisc add dev net0 parent 1:1 fq_codel" - name: C1 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: C2 cmds: - cmd: ip addr add 10.0.1.2/24 dev net0 - cmd: ip route add default via 10.0.1.1 - name: C3 cmds: - cmd: ip addr add 10.0.3.2/24 dev net0 - cmd: ip route add default via 10.0.3.1 - name: C4 cmds: - cmd: ip addr add 10.0.4.2/24 dev net0 - cmd: ip route add default via 10.0.4.1 test: - cmds: - cmd: echo "==========================================" - cmd: echo "iperf from C1 to C3" - cmd: echo "==========================================" - cmd: docker exec C3 iperf -s -i 1 & - cmd: sleep 3 - cmd: docker exec C1 iperf -c 10.0.3.2 2>&1 > /dev/null - cmd: docker exec C3 pkill iperf - cmd: echo "==========================================" - cmd: echo "ping from C2 to C4" - cmd: echo "==========================================" - cmd: docker exec C2 ping -c 10 10.0.4.2 - cmd: echo "==========================================" - cmd: echo "ping from C2 to C4 while iperf-ing from C1 to C3" - cmd: echo "==========================================" - cmd: docker exec C3 iperf -s 2>&1 > /dev/null & - cmd: sleep 3 - cmd: docker exec C1 iperf -c 10.0.3.2 -t 60 2>&1 > /dev/null & - cmd: sleep 3 - cmd: docker exec C2 ping -c 10 10.0.4.2 - cmd: docker exec C1 pkill iperf - cmd: sleep 3 - cmd: docker exec C3 pkill iperf ================================================ FILE: examples/basic_gcp_hv/spec.yaml ================================================ --- nodes: - name: HV1 image: slankdev/frr interfaces: - { name: tap1, type: direct, args: VM1#net0 } - { name: tap2, type: direct, args: VM2#net0 } - name: VM1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: HV1#tap1 } - name: VM2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: HV1#tap2 } node_configs: - name: HV1 cmds: - cmd: ip addr add 10.0.0.1/32 dev tap1 - cmd: ip addr add 10.0.0.1/32 dev tap2 - cmd: ip route add 10.0.0.11/32 dev tap1 - cmd: ip route add 10.0.0.12/32 dev tap2 - name: VM1 cmds: - cmd: ip addr add 10.0.0.11/32 dev net0 - cmd: ip route add 10.0.0.1 dev net0 proto static scope link src 10.0.0.11 metric 100 - cmd: ip route add default via 10.0.0.1 dev net0 proto static src 10.0.0.11 metric 100 - name: VM2 cmds: - cmd: ip addr add 10.0.0.12/32 dev net0 - cmd: ip route add 10.0.0.1 dev net0 proto static scope link src 10.0.0.12 metric 100 - cmd: ip route add default via 10.0.0.1 dev net0 proto static src 10.0.0.12 metric 100 ================================================ FILE: examples/basic_geneve/spec.yaml ================================================ --- nodes: - name: R1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: C1#net0 } - name: R2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: C2#net0 } - name: C1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net1 } - name: C2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net1 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip link add name geneve0 type geneve id 10 remote 10.0.0.2 - cmd: ip link set geneve0 up - cmd: ip link add br0 type bridge - cmd: ip link set br0 up - cmd: ip link set geneve0 master br0 - cmd: ip link set net1 master br0 - name: R2 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip link add name geneve0 type geneve id 10 remote 10.0.0.1 - cmd: ip link set geneve0 up - cmd: ip link add br0 type bridge - cmd: ip link set br0 up - cmd: ip link set geneve0 master br0 - cmd: ip link set net1 master br0 - name: C1 cmds: - cmd: ip addr add 10.99.0.1/24 dev net0 - name: C2 cmds: - cmd: ip addr add 10.99.0.2/24 dev net0 ================================================ FILE: examples/basic_gre/README.md ================================================ # GRE ![](topo.jpeg) ``` modprobe ip_gre ip tunnel add mode gre remote local ttl ip link set mtu up ip addr add / dev ``` ================================================ FILE: examples/basic_gre/spec.yaml ================================================ nodes: - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R4#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R5#net0 } - name: R4 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net1 } - { name: net1, type: direct, args: R6#net0 } - name: R5 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R3#net1 } - name: R6 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R4#net1 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.255.0.1/32 dev lo - cmd: ip addr add 10.0.0.1/30 dev net0 - cmd: ip addr add 10.0.0.5/30 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'router ospf' -c ' ospf router-id 10.255.0.1' -c ' network 10.255.0.1/32 area 0' -c ' network 10.0.0.0/30 area 0' -c ' network 10.0.0.4/30 area 0' - name: R2 cmds: - cmd: ip addr add 10.255.0.2/32 dev lo - cmd: ip addr add 10.0.0.2/30 dev net0 - cmd: ip addr add 10.0.0.9/30 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'router ospf' -c ' ospf router-id 10.255.0.2' -c ' network 10.255.0.2/32 area 0' -c ' network 10.0.0.0/30 area 0' -c ' network 10.0.0.8/30 area 0' - name: R3 cmds: - cmd: ip addr add 10.255.0.3/32 dev lo - cmd: ip addr add 10.0.0.6/30 dev net0 - cmd: ip addr add 10.0.0.13/30 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'ip route 10.0.0.8/30 10.0.0.5' ## This is IMPORTANT..? -c 'router ospf' -c ' ospf router-id 10.255.0.3' -c ' network 10.255.0.3/32 area 0' -c ' network 10.0.0.4/30 area 0' -c ' network 10.0.0.12/30 area 0' -c ' network 20.0.0.0/30 area 0' - cmd: ip tunnel add gre1 mode gre remote 10.255.0.4 local 10.255.0.3 ttl 10 - cmd: ip link set gre1 up - cmd: ip addr add 20.0.0.1/30 dev gre1 - name: R4 cmds: - cmd: ip addr add 10.255.0.4/32 dev lo - cmd: ip addr add 10.0.0.10/30 dev net0 - cmd: ip addr add 10.0.0.17/30 dev net1 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'ip route 10.0.0.4/30 10.0.0.9' ## This is IMPORTANT..? -c 'router ospf' -c ' ospf router-id 10.255.0.4' -c ' network 10.255.0.4/32 area 0' -c ' network 10.0.0.8/30 area 0' -c ' network 10.0.0.16/30 area 0' -c ' network 20.0.0.0/30 area 0' - cmd: ip tunnel add gre1 mode gre remote 10.255.0.3 local 10.255.0.4 ttl 10 - cmd: ip link set gre1 up - cmd: ip addr add 20.0.0.2/30 dev gre1 - name: R5 cmds: - cmd: ip addr add 10.255.0.5/32 dev lo - cmd: ip addr add 10.0.0.14/30 dev net0 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'router ospf' -c ' ospf router-id 10.255.0.5' -c ' network 10.255.0.5/32 area 0' -c ' network 10.0.0.12/30 area 0' - name: R6 cmds: - cmd: ip addr add 10.255.0.6/32 dev lo - cmd: ip addr add 10.0.0.18/30 dev net0 - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'router ospf' -c ' ospf router-id 10.255.0.6' -c ' network 10.255.0.6/32 area 0' -c ' network 10.0.0.16/30 area 0' test: - name: p2p cmds: - cmd: docker exec R1 ping -c2 10.0.0.1 - cmd: docker exec R1 ping -c2 10.0.0.2 - cmd: docker exec R1 ping -c2 10.0.0.5 - cmd: docker exec R1 ping -c2 10.0.0.6 - cmd: docker exec R2 ping -c2 10.0.0.1 - cmd: docker exec R2 ping -c2 10.0.0.2 - cmd: docker exec R2 ping -c2 10.0.0.9 - cmd: docker exec R2 ping -c2 10.0.0.10 - cmd: docker exec R3 ping -c2 10.0.0.5 - cmd: docker exec R3 ping -c2 10.0.0.6 - cmd: docker exec R3 ping -c2 10.0.0.13 - cmd: docker exec R3 ping -c2 10.0.0.14 - cmd: docker exec R4 ping -c2 10.0.0.9 - cmd: docker exec R4 ping -c2 10.0.0.10 - cmd: docker exec R4 ping -c2 10.0.0.17 - cmd: docker exec R4 ping -c2 10.0.0.18 - cmd: docker exec R5 ping -c2 10.0.0.13 - cmd: docker exec R5 ping -c2 10.0.0.14 - cmd: docker exec R6 ping -c2 10.0.0.17 - cmd: docker exec R6 ping -c2 10.0.0.18 - name: lo cmds: - cmd: docker exec R1 ping -c2 10.255.0.1 - cmd: docker exec R1 ping -c2 10.255.0.2 - cmd: docker exec R1 ping -c2 10.255.0.3 - cmd: docker exec R1 ping -c2 10.255.0.4 - cmd: docker exec R1 ping -c2 10.255.0.5 - cmd: docker exec R1 ping -c2 10.255.0.6 - cmd: docker exec R2 ping -c2 10.255.0.1 - cmd: docker exec R2 ping -c2 10.255.0.2 - cmd: docker exec R2 ping -c2 10.255.0.3 - cmd: docker exec R2 ping -c2 10.255.0.4 - cmd: docker exec R2 ping -c2 10.255.0.5 - cmd: docker exec R2 ping -c2 10.255.0.6 - cmd: docker exec R3 ping -c2 10.255.0.1 - cmd: docker exec R3 ping -c2 10.255.0.2 - cmd: docker exec R3 ping -c2 10.255.0.3 - cmd: docker exec R3 ping -c2 10.255.0.4 - cmd: docker exec R3 ping -c2 10.255.0.5 - cmd: docker exec R3 ping -c2 10.255.0.6 - cmd: docker exec R4 ping -c2 10.255.0.1 - cmd: docker exec R4 ping -c2 10.255.0.2 - cmd: docker exec R4 ping -c2 10.255.0.3 - cmd: docker exec R4 ping -c2 10.255.0.4 - cmd: docker exec R4 ping -c2 10.255.0.5 - cmd: docker exec R4 ping -c2 10.255.0.6 - cmd: docker exec R5 ping -c2 10.255.0.1 - cmd: docker exec R5 ping -c2 10.255.0.2 - cmd: docker exec R5 ping -c2 10.255.0.3 - cmd: docker exec R5 ping -c2 10.255.0.4 - cmd: docker exec R5 ping -c2 10.255.0.5 - cmd: docker exec R5 ping -c2 10.255.0.6 - cmd: docker exec R6 ping -c2 10.255.0.1 - cmd: docker exec R6 ping -c2 10.255.0.2 - cmd: docker exec R6 ping -c2 10.255.0.3 - cmd: docker exec R6 ping -c2 10.255.0.4 - cmd: docker exec R6 ping -c2 10.255.0.5 - cmd: docker exec R6 ping -c2 10.255.0.6 ================================================ FILE: examples/basic_haproxy/README.md ================================================ # HAProxy demonstration ![](./topo.png) **How to test**
P1 is configured HAProxy container as-a TCP proxy. You can check the behabiour of proxy when you run the curl command to access 10.0.0.1(P1's address) on C1. ``` $ cd /path/to/here $ tn upconf | sudo sh ... $ docker exec C1 curl -s 10.0.0.1 S1 $ docker exec C1 curl -s 10.0.0.1 S2 $ docker exec C1 curl -s 10.0.0.1 S3 $ docker exec C1 curl -s 10.0.0.1 S4 $ docker exec C1 curl -s 10.0.0.1 S1 $ docker exec C1 curl -s 10.0.0.1 S2 ``` ================================================ FILE: examples/basic_haproxy/spec.yaml ================================================ nodes: - name: C1 image: slankdev/sandbox interfaces: - { name: net0, type: direct, args: P1#net0 } - name: P1 image: slankdev/sandbox interfaces: - { name: net0, type: direct, args: C1#net0 } - { name: net1, type: bridge, args: SW } - name: S1 image: slankdev/sandbox interfaces: [ { name: net0, type: bridge, args: SW } ] - name: S2 image: slankdev/sandbox interfaces: [ { name: net0, type: bridge, args: SW } ] - name: S3 image: slankdev/sandbox interfaces: [ { name: net0, type: bridge, args: SW } ] - name: S4 image: slankdev/sandbox interfaces: [ { name: net0, type: bridge, args: SW } ] switches: - name: SW interfaces: - { name: net1, type: docker, args: P1 } - { name: net0, type: docker, args: S1 } - { name: net0, type: docker, args: S2 } - { name: net0, type: docker, args: S3 } - { name: net0, type: docker, args: S4 } node_configs: - name: C1 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - name: P1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.254/24 dev net1 - cmd: bash -c "echo 'global ' >> /root/haproxy.conf" - cmd: bash -c "echo ' daemon ' >> /root/haproxy.conf" - cmd: bash -c "echo ' ' >> /root/haproxy.conf" - cmd: bash -c "echo 'defaults ' >> /root/haproxy.conf" - cmd: bash -c "echo ' log global ' >> /root/haproxy.conf" - cmd: bash -c "echo ' mode tcp ' >> /root/haproxy.conf" - cmd: bash -c "echo ' ' >> /root/haproxy.conf" - cmd: bash -c "echo 'frontend main ' >> /root/haproxy.conf" - cmd: bash -c "echo ' bind *:80 ' >> /root/haproxy.conf" - cmd: bash -c "echo ' default_backend static ' >> /root/haproxy.conf" - cmd: bash -c "echo ' ' >> /root/haproxy.conf" - cmd: bash -c "echo 'backend static ' >> /root/haproxy.conf" - cmd: bash -c "echo ' server S1 10.1.0.1:80 check' >> /root/haproxy.conf" - cmd: bash -c "echo ' server S2 10.1.0.2:80 check' >> /root/haproxy.conf" - cmd: bash -c "echo ' server S3 10.1.0.3:80 check' >> /root/haproxy.conf" - cmd: bash -c "echo ' server S4 10.1.0.4:80 check' >> /root/haproxy.conf" - cmd: haproxy -f /root/haproxy.conf - name: S1 cmds: - cmd: ip addr add 10.1.0.1/24 dev net0 - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - name: S2 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - name: S3 cmds: - cmd: ip addr add 10.1.0.3/24 dev net0 - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & - name: S4 cmds: - cmd: ip addr add 10.1.0.4/24 dev net0 - cmd: sh -c "cat /etc/hostname > index.html" - cmd: nohup python3 -m http.server 80 & test: - name: p2p cmds: - cmd: docker exec C1 ping -c2 10.0.0.1 - cmd: docker exec C1 ping -c2 10.0.0.2 - cmd: docker exec P1 ping -c2 10.0.0.1 - cmd: docker exec P1 ping -c2 10.0.0.2 - cmd: docker exec P1 ping -c2 10.1.0.1 - cmd: docker exec P1 ping -c2 10.1.0.2 - cmd: docker exec P1 ping -c2 10.1.0.3 - cmd: docker exec P1 ping -c2 10.1.0.4 ================================================ FILE: examples/basic_ipip/anycast_tunnel/spec.yaml ================================================ postinit: - cmds: - cmd: docker cp /root/dotfiles/bin/linkstat.py CLOS:/usr/bin/linkstat.py - cmd: docker cp /root/dotfiles/bin/http_server.py CS:/usr/bin/http_server.py - cmd: docker cp /root/dotfiles/bin/echo_server.py CS:/usr/bin/echo_server.py nodes: - name: CLOS image: slankdev/conntrack:centos-7 interfaces: - { name: net1, type: direct, args: N1#net0 } - { name: net2, type: direct, args: N2#net0 } - { name: net3, type: direct, args: N2#net0 } - { name: up1, type: direct, args: CS#net0 } - { name: dn1, type: direct, args: HV1#net0 } - name: N1 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: CLOS#net1 } - name: N2 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: CLOS#net2 } - name: N3 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: CLOS#net3 } - name: HV1 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: CLOS#dn1 } - name: CS image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: CLOS#up1 } node_configs: - name: CLOS cmds: - cmd: ip addr add 10.255.0.10/32 dev lo - cmd: bash -c "enable_seg6_router.py | sh" - cmd: sysctl -w net.ipv4.fib_multipath_hash_policy=1 - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 10" -c " bgp router-id 10.255.0.10" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net1 interface peer-group FABRIC" -c " neighbor net2 interface peer-group FABRIC" -c " neighbor net3 interface peer-group FABRIC" -c " neighbor up1 interface peer-group FABRIC" -c " neighbor dn1 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " network 10.255.0.10/32" -c " exit-address-family" - name: N1 cmds: - cmd: ip addr add 10.255.0.1/32 dev lo - cmd: ip addr add 10.255.0.254/32 dev lo - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 1" -c " bgp router-id 10.255.0.1" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " network 10.255.0.1/32" -c " network 10.255.0.254/32" -c " exit-address-family" - cmd: ip tunnel add tun-nat2 mode ipip local 10.255.0.1 remote 10.255.0.2 dev net0 - cmd: ip addr add 10.254.0.1/32 peer 10.254.0.2/32 dev tun-nat2 - cmd: ip link set tun-nat2 up - cmd: ip tunnel add tun-nat3 mode ipip local 10.255.0.1 remote 10.255.0.3 dev net0 - cmd: ip addr add 10.254.0.1/32 peer 10.254.0.3/32 dev tun-nat3 - cmd: ip link set tun-nat3 up - cmd: ip link set tunl0 up - cmd: iptables -t nat -A POSTROUTING -s 10.255.0.20/32 -j SNAT -p tcp --to-source 10.255.0.254:10000-10063 - name: N2 cmds: - cmd: ip addr add 10.255.0.2/32 dev lo - cmd: ip addr add 10.255.0.254/32 dev lo - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 2" -c " bgp router-id 10.255.0.2" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " network 10.255.0.2/32" -c " !network 10.255.0.254/32" -c " exit-address-family" - cmd: ip tunnel add tun-nat1 mode ipip local 10.255.0.2 remote 10.255.0.1 dev net0 - cmd: ip addr add 10.254.0.2/32 peer 10.254.0.1/32 dev tun-nat1 - cmd: ip link set tun-nat1 up - cmd: ip tunnel add tun-nat3 mode ipip local 10.255.0.2 remote 10.255.0.3 dev net0 - cmd: ip addr add 10.254.0.2/32 peer 10.254.0.3/32 dev tun-nat3 - cmd: ip link set tun-nat3 up - cmd: ip link set tunl0 up - name: N3 cmds: - cmd: ip addr add 10.255.0.3/32 dev lo - cmd: ip addr add 10.255.0.254/32 dev lo - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 3" -c " bgp router-id 10.255.0.3" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " network 10.255.0.3/32" -c " !network 10.255.0.254/32" -c " exit-address-family" - cmd: ip tunnel add tun-nat1 mode ipip local 10.255.0.3 remote 10.255.0.1 dev net0 - cmd: ip addr add 10.254.0.3/32 peer 10.254.0.1/32 dev tun-nat1 - cmd: ip link set tun-nat1 up - cmd: ip tunnel add tun-nat2 mode ipip local 10.255.0.3 remote 10.255.0.2 dev net0 - cmd: ip addr add 10.254.0.3/32 peer 10.254.0.2/32 dev tun-nat2 - cmd: ip link set tun-nat2 up - cmd: ip link set tunl0 up - name: HV1 cmds: - cmd: ip addr add 10.255.0.20/32 dev lo - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 20" -c " bgp router-id 10.255.0.20" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " network 10.255.0.20/32" -c " exit-address-family" - cmd: ip tunnel add tun-nat1 mode ipip remote 10.255.0.254 dev net0 - cmd: ip link set tun-nat1 up - cmd: ip route add default dev tun-nat1 - name: CS cmds: - cmd: ip addr add 10.255.0.30/32 dev lo - cmd: ip addr add 8.8.8.8/32 dev lo - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 30" -c " bgp router-id 10.255.0.30" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " network 10.255.0.30/32" -c " network 0.0.0.0/0" -c " exit-address-family" - cmd: nohup /usr/bin/http_server.py & - cmd: nohup /usr/bin/echo_server.py & ================================================ FILE: examples/basic_ipip/simple/README.md ================================================ # IPIP tunnel ![](topo.png) ================================================ FILE: examples/basic_ipip/simple/spec.yaml ================================================ --- nodes: - name: R1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R3#net0 } - name: R3 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net1 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip route add default via 10.0.0.2 - cmd: ip tunnel add tun0 mode ipip remote 10.1.0.2 local 10.0.0.1 dev net0 - cmd: ip addr add 1.1.1.1 peer 1.1.1.2 dev tun0 - cmd: ip link set tun0 up - name: R2 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - name: R3 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip route add default via 10.1.0.1 - cmd: ip tunnel add tun0 mode ipip remote 10.0.0.1 local 10.1.0.2 dev net0 - cmd: ip addr add 1.1.1.2 peer 1.1.1.1 dev tun0 - cmd: ip link set tun0 up ================================================ FILE: examples/basic_ipsec/bgp/README.md ================================================ ## References https://gist.github.com/Manouchehri/de3adfb02c5b55f3edc2da9e8ee59fae ================================================ FILE: examples/basic_ipsec/bgp/spec.yaml ================================================ --- postinit: cmds: - cmd: | cat </tmp/vpn1.r1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/vpn1.r2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/vpn1.r1.conf conn vpn1 authby=secret left=10.91.0.2 right=10.92.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/vpn1.r2.conf conn vpn1 authby=secret left=10.92.0.2 right=10.91.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: docker cp /tmp/vpn1.r1.secrets R1:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/vpn1.r2.secrets R2:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/vpn1.r1.conf R1:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/vpn1.r2.conf R2:/etc/ipsec.d/vpn1.conf - cmd: docker exec R1 chmod 600 /etc/ipsec.d/vpn1.conf - cmd: docker exec R1 chmod 600 /etc/ipsec.d/vpn1.secrets - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn1.conf - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn1.secrets nodes: - name: R0 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R2#net0 } - name: R1 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R0#net0 } - { name: net1, type: direct, args: C1#net0 } - name: R2 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R0#net1 } - { name: net1, type: direct, args: C2#net0 } - name: C1 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R1#net1 } - name: C2 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R2#net1 } node_configs: - name: R0 cmds: - cmd: ip addr add 10.91.0.1/24 dev net0 - cmd: ip addr add 10.92.0.1/24 dev net1 - name: R1 cmds: - cmd: ip addr add 10.91.0.2/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: ip route add 10.92.0.0/24 via 10.91.0.1 - cmd: ip link add vti0 type vti key 100 remote 10.92.0.2 local 10.91.0.2 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.1/30 remote 169.254.0.2/30 dev vti0 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65001' -c ' bgp router-id 169.254.0.1' -c ' neighbor 169.254.0.2 remote-as 65002' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.1.0.0/24' -c ' exit-address-family' -c '!' - name: R2 cmds: - cmd: ip addr add 10.92.0.2/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: ip route add 10.91.0.0/24 via 10.92.0.1 - cmd: ip link add vti0 type vti key 100 remote 10.91.0.2 local 10.92.0.2 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.2/30 remote 169.254.0.1/30 dev vti0 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65002' -c ' bgp router-id 169.254.0.2' -c ' neighbor 169.254.0.1 remote-as 65001' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.2.0.0/24' -c ' exit-address-family' -c '!' - name: C1 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip route add default via 10.1.0.1 - name: C2 cmds: - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip route add default via 10.2.0.1 ================================================ FILE: examples/basic_ipsec/bgp_ha/spec.yaml ================================================ --- postinit: cmds: - cmd: | cat </tmp/vpn1.r1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/vpn2.r3.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/vpn1.r2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/vpn2.r2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/vpn1.r1.conf conn vpn1 authby=secret left=10.91.0.2 right=10.92.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/vpn2.r3.conf conn vpn1 authby=secret left=10.93.0.2 right=10.92.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/vpn1.r2.conf conn vpn1 authby=secret left=10.92.0.2 right=10.91.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/vpn2.r2.conf conn vpn2 authby=secret left=10.92.0.2 right=10.93.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=101/0xffffffff vti-interface=vti1 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: docker cp /tmp/vpn1.r1.secrets R1:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/vpn1.r2.secrets R2:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/vpn1.r1.conf R1:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/vpn1.r2.conf R2:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/vpn2.r3.secrets R3:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/vpn2.r2.secrets R2:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/vpn2.r3.conf R3:/etc/ipsec.d/vpn2.conf - cmd: docker cp /tmp/vpn2.r2.conf R2:/etc/ipsec.d/vpn2.conf - cmd: docker exec R1 chmod 600 /etc/ipsec.d/vpn1.conf - cmd: docker exec R1 chmod 600 /etc/ipsec.d/vpn1.secrets - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn1.conf - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn1.secrets - cmd: docker exec R3 chmod 600 /etc/ipsec.d/vpn2.conf - cmd: docker exec R3 chmod 600 /etc/ipsec.d/vpn2.secrets - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn2.conf - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn2.secrets nodes: - name: R0 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R2#net0 } - { name: net2, type: direct, args: R3#net0 } - name: R1 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R0#net0 } - { name: net1, type: direct, args: N1#net0 } sysctls: - { sysctl: net.ipv4.fib_multipath_hash_policy=1 } - name: R2 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R0#net1 } - { name: net1, type: direct, args: C2#net0 } sysctls: - { sysctl: net.ipv4.fib_multipath_hash_policy=1 } - name: R3 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R0#net2 } - { name: net1, type: direct, args: N1#net1 } sysctls: - { sysctl: net.ipv4.fib_multipath_hash_policy=1 } - name: N1 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R3#net1 } - { name: net2, type: direct, args: C1#net0 } sysctls: - { sysctl: net.ipv4.fib_multipath_hash_policy=1 } - name: C1 image: slankdev/tmp interfaces: - { name: net0, type: direct, args: N1#net2 } - name: C2 image: slankdev/tmp interfaces: - { name: net0, type: direct, args: R2#net1 } node_configs: - name: R0 cmds: - cmd: ip addr add 10.91.0.1/24 dev net0 - cmd: ip addr add 10.92.0.1/24 dev net1 - cmd: ip addr add 10.93.0.1/24 dev net2 - name: R1 cmds: - cmd: ip addr add 10.91.0.2/24 dev net0 - cmd: ip addr add 10.1.0.101/24 dev net1 - cmd: ip route add 10.92.0.0/24 via 10.91.0.1 - cmd: ip link add vti0 type vti key 100 remote 10.92.0.2 local 10.91.0.2 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.1/30 remote 169.254.0.2/30 dev vti0 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65001' -c ' bgp router-id 169.254.0.1' -c ' neighbor 169.254.0.2 remote-as 65002' -c ' neighbor 10.1.0.10 remote-as 65000' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.1.0.0/24' -c ' exit-address-family' -c '!' - name: R3 cmds: - cmd: ip addr add 10.93.0.2/24 dev net0 - cmd: ip addr add 10.1.0.103/24 dev net1 - cmd: ip route add 10.92.0.0/24 via 10.93.0.1 - cmd: ip link add vti0 type vti key 100 remote 10.92.0.2 local 10.93.0.2 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.1.1/30 remote 169.254.1.2/30 dev vti0 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65001' -c ' bgp router-id 169.254.1.1' -c ' neighbor 169.254.1.2 remote-as 65002' -c ' neighbor 10.1.0.11 remote-as 65000' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.1.0.0/24' -c ' exit-address-family' -c '!' - name: R2 cmds: - cmd: ip addr add 10.92.0.2/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: ip route add 10.91.0.0/24 via 10.92.0.1 - cmd: ip route add 10.93.0.0/24 via 10.92.0.1 - cmd: ip link add vti0 type vti key 100 remote 10.91.0.2 local 10.92.0.2 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.2/30 remote 169.254.0.1/30 dev vti0 - cmd: ip link add vti1 type vti key 101 remote 10.93.0.2 local 10.92.0.2 - cmd: ip link set vti1 up - cmd: sysctl -w net.ipv4.conf.vti1.disable_policy=1 - cmd: ip addr add 169.254.1.2/30 remote 169.254.1.1/30 dev vti1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65002' -c ' bgp router-id 169.254.0.2' -c ' neighbor 169.254.0.1 remote-as 65001' -c ' neighbor 169.254.1.1 remote-as 65001' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.2.0.0/24' -c ' exit-address-family' -c '!' - name: N1 cmds: - cmd: ip addr add 10.1.0.10/24 dev net0 - cmd: ip addr add 10.1.0.11/24 dev net1 - cmd: ip addr add 10.1.0.1/24 dev net2 - cmd: ip route add 10.1.0.101/32 dev net0 - cmd: ip route add 10.1.0.103/32 dev net1 - cmd: ip route add 10.1.0.2/32 dev net2 - cmd: sysctl -w net.ipv4.conf.net0.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net1.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net2.proxy_arp=1 - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65000' -c ' bgp router-id 1.1.1.1' -c ' neighbor 10.1.0.101 remote-as 65001' -c ' neighbor 10.1.0.101 disable-connected-check' -c ' neighbor 10.1.0.103 remote-as 65001' -c ' neighbor 10.1.0.103 disable-connected-check' -c ' !' -c ' address-family ipv4 unicast' -c ' exit-address-family' -c '!' - name: C1 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip route add default via 10.1.0.1 - name: C2 cmds: - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip route add default via 10.2.0.1 ================================================ FILE: examples/basic_ipsec/mesh/spec.yaml ================================================ --- nodes: - name: R1 image: tinet/cloudvpn interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: N1#net0 } - name: R2 image: tinet/cloudvpn interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: N1#net1 } - name: R3 image: tinet/cloudvpn interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: N2#net0 } - name: R4 image: tinet/cloudvpn interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: N2#net1 } - name: N1 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R2#net1 } - { name: net2, type: direct, args: C1#net0 } sysctls: - { sysctl: net.ipv4.fib_multipath_hash_policy=1 } - name: N2 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R3#net1 } - { name: net1, type: direct, args: R4#net1 } - { name: net2, type: direct, args: C2#net0 } sysctls: - { sysctl: net.ipv4.fib_multipath_hash_policy=1 } - name: C1 image: slankdev/tmp interfaces: - { name: net0, type: direct, args: N1#net2 } - name: C2 image: slankdev/tmp interfaces: - { name: net0, type: direct, args: N2#net2 } switches: - name: B0 interfaces: - { name: net0, type: container, args: R1 } - { name: net0, type: container, args: R2 } - { name: net0, type: container, args: R3 } - { name: net0, type: container, args: R4 } node_configs: - name: R1 cmds: - cmd: ip addr add 20.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.100/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 20.0.0.3 local 20.0.0.1 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.1/32 remote 169.254.0.3/32 dev vti0 - cmd: ip link add vti1 type vti key 101 remote 20.0.0.4 local 20.0.0.1 - cmd: ip link set vti1 up - cmd: sysctl -w net.ipv4.conf.vti1.disable_policy=1 - cmd: ip addr add 169.254.0.1/32 remote 169.254.0.4/32 dev vti1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - name: R2 cmds: - cmd: ip addr add 20.0.0.2/24 dev net0 - cmd: ip addr add 10.1.0.101/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 20.0.0.3 local 20.0.0.2 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.2/32 remote 169.254.0.3/32 dev vti0 - cmd: ip link add vti1 type vti key 101 remote 20.0.0.4 local 20.0.0.2 - cmd: ip link set vti1 up - cmd: sysctl -w net.ipv4.conf.vti1.disable_policy=1 - cmd: ip addr add 169.254.0.2/32 remote 169.254.0.4/32 dev vti1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - name: R3 cmds: - cmd: ip addr add 20.0.0.3/24 dev net0 - cmd: ip addr add 10.2.0.100/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 20.0.0.1 local 20.0.0.3 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.3/32 remote 169.254.0.1/32 dev vti0 - cmd: ip link add vti1 type vti key 101 remote 20.0.0.2 local 20.0.0.3 - cmd: ip link set vti1 up - cmd: sysctl -w net.ipv4.conf.vti1.disable_policy=1 - cmd: ip addr add 169.254.0.3/32 remote 169.254.0.2/32 dev vti1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - name: R4 cmds: - cmd: ip addr add 20.0.0.4/24 dev net0 - cmd: ip addr add 10.2.0.101/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 20.0.0.1 local 20.0.0.4 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.4/32 remote 169.254.0.1/32 dev vti0 - cmd: ip link add vti1 type vti key 101 remote 20.0.0.2 local 20.0.0.4 - cmd: ip link set vti1 up - cmd: sysctl -w net.ipv4.conf.vti1.disable_policy=1 - cmd: ip addr add 169.254.0.4/32 remote 169.254.0.2/32 dev vti1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - name: N1 cmds: - cmd: ip addr add 10.1.0.1/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: ip addr add 10.1.0.1/24 dev net2 - cmd: ip route add 10.1.0.100/32 dev net0 - cmd: ip route add 10.1.0.101/32 dev net1 - cmd: ip route add 10.1.0.10/32 dev net2 - cmd: sysctl -w net.ipv4.conf.net0.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net1.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net2.proxy_arp=1 - name: N1 cmds: - cmd: ip addr add 10.2.0.1/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: ip addr add 10.2.0.1/24 dev net2 - cmd: ip route add 10.2.0.100/32 dev net0 - cmd: ip route add 10.2.0.101/32 dev net1 - cmd: ip route add 10.2.0.10/32 dev net2 - cmd: sysctl -w net.ipv4.conf.net0.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net1.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net2.proxy_arp=1 - name: C1 cmds: - cmd: ip addr add 10.1.0.10/24 dev net0 - cmd: ip route add default via 10.1.0.1 - name: C2 cmds: - cmd: ip addr add 10.2.0.10/24 dev net0 - cmd: ip route add default via 10.2.0.1 postinit: cmds: - cmd: | cat </tmp/r1_vpn1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r1_vpn2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r1_vpn1.conf conn vpn1 authby=secret left=20.0.0.1 right=20.0.0.3 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/r1_vpn2.conf conn vpn2 authby=secret left=20.0.0.1 right=20.0.0.4 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=101/0xffffffff vti-interface=vti1 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: docker cp /tmp/r1_vpn1.secrets R1:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/r1_vpn2.secrets R1:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/r1_vpn1.conf R1:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/r1_vpn2.conf R1:/etc/ipsec.d/vpn2.conf - cmd: | cat </tmp/r2_vpn1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r2_vpn2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r2_vpn1.conf conn vpn1 authby=secret left=20.0.0.2 right=20.0.0.3 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/r2_vpn2.conf conn vpn2 authby=secret left=20.0.0.2 right=20.0.0.4 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=101/0xffffffff vti-interface=vti1 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: docker cp /tmp/r2_vpn1.secrets R2:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/r2_vpn2.secrets R2:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/r2_vpn1.conf R2:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/r2_vpn2.conf R2:/etc/ipsec.d/vpn2.conf - cmd: | cat </tmp/r3_vpn1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r3_vpn2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r3_vpn1.conf conn vpn1 authby=secret left=20.0.0.3 right=20.0.0.1 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/r3_vpn2.conf conn vpn2 authby=secret left=20.0.0.3 right=20.0.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=101/0xffffffff vti-interface=vti1 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: docker cp /tmp/r3_vpn1.secrets R3:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/r3_vpn2.secrets R3:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/r3_vpn1.conf R3:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/r3_vpn2.conf R3:/etc/ipsec.d/vpn2.conf - cmd: | cat </tmp/r4_vpn1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r4_vpn2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r4_vpn1.conf conn vpn1 authby=secret left=20.0.0.4 right=20.0.0.1 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/r4_vpn2.conf conn vpn2 authby=secret left=20.0.0.4 right=20.0.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=101/0xffffffff vti-interface=vti1 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: docker cp /tmp/r4_vpn1.secrets R4:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/r4_vpn2.secrets R4:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/r4_vpn1.conf R4:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/r4_vpn2.conf R4:/etc/ipsec.d/vpn2.conf ================================================ FILE: examples/basic_ipsec/mesh_bgp/spec.yaml ================================================ --- nodes: - name: R1 image: tinet/cloudvpn interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: N1#net0 } - name: R2 image: tinet/cloudvpn interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: N1#net1 } - name: R3 image: tinet/cloudvpn interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: N2#net0 } - name: R4 image: tinet/cloudvpn interfaces: - { name: net0, type: bridge, args: B0 } - { name: net1, type: direct, args: N2#net1 } - name: N1 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R2#net1 } - { name: net2, type: direct, args: C1#net0 } sysctls: - { sysctl: net.ipv4.fib_multipath_hash_policy=1 } - name: N2 image: tinet/cloudvpn interfaces: - { name: net0, type: direct, args: R3#net1 } - { name: net1, type: direct, args: R4#net1 } - { name: net2, type: direct, args: C2#net0 } sysctls: - { sysctl: net.ipv4.fib_multipath_hash_policy=1 } - name: C1 image: slankdev/tmp interfaces: - { name: net0, type: direct, args: N1#net2 } - name: C2 image: slankdev/tmp interfaces: - { name: net0, type: direct, args: N2#net2 } switches: - name: B0 interfaces: - { name: net0, type: container, args: R1 } - { name: net0, type: container, args: R2 } - { name: net0, type: container, args: R3 } - { name: net0, type: container, args: R4 } node_configs: - name: R1 cmds: - cmd: ip addr add 20.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.100/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 20.0.0.3 local 20.0.0.1 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.1/32 remote 169.254.0.3/32 dev vti0 - cmd: ip link add vti1 type vti key 101 remote 20.0.0.4 local 20.0.0.1 - cmd: ip link set vti1 up - cmd: sysctl -w net.ipv4.conf.vti1.disable_policy=1 - cmd: ip addr add 169.254.0.1/32 remote 169.254.0.4/32 dev vti1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65001' -c ' bgp router-id 169.254.0.1' -c ' neighbor 169.254.0.3 remote-as 65002' -c ' neighbor 169.254.0.4 remote-as 65002' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.1.0.0/24' -c ' exit-address-family' -c '!' - name: R2 cmds: - cmd: ip addr add 20.0.0.2/24 dev net0 - cmd: ip addr add 10.1.0.101/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 20.0.0.3 local 20.0.0.2 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.2/32 remote 169.254.0.3/32 dev vti0 - cmd: ip link add vti1 type vti key 101 remote 20.0.0.4 local 20.0.0.2 - cmd: ip link set vti1 up - cmd: sysctl -w net.ipv4.conf.vti1.disable_policy=1 - cmd: ip addr add 169.254.0.2/32 remote 169.254.0.4/32 dev vti1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65001' -c ' bgp router-id 169.254.0.2' -c ' neighbor 169.254.0.3 remote-as 65002' -c ' neighbor 169.254.0.4 remote-as 65002' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.1.0.0/24' -c ' exit-address-family' -c '!' - name: R3 cmds: - cmd: ip addr add 20.0.0.3/24 dev net0 - cmd: ip addr add 10.2.0.100/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 20.0.0.1 local 20.0.0.3 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.3/32 remote 169.254.0.1/32 dev vti0 - cmd: ip link add vti1 type vti key 101 remote 20.0.0.2 local 20.0.0.3 - cmd: ip link set vti1 up - cmd: sysctl -w net.ipv4.conf.vti1.disable_policy=1 - cmd: ip addr add 169.254.0.3/32 remote 169.254.0.2/32 dev vti1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65002' -c ' bgp router-id 169.254.0.3' -c ' neighbor 169.254.0.1 remote-as 65001' -c ' neighbor 169.254.0.2 remote-as 65001' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.2.0.0/24' -c ' exit-address-family' -c '!' - name: R4 cmds: - cmd: ip addr add 20.0.0.4/24 dev net0 - cmd: ip addr add 10.2.0.101/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 20.0.0.1 local 20.0.0.4 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip addr add 169.254.0.4/32 remote 169.254.0.1/32 dev vti0 - cmd: ip link add vti1 type vti key 101 remote 20.0.0.2 local 20.0.0.4 - cmd: ip link set vti1 up - cmd: sysctl -w net.ipv4.conf.vti1.disable_policy=1 - cmd: ip addr add 169.254.0.4/32 remote 169.254.0.2/32 dev vti1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - cmd: sed -i -e "s/bgpd=no/bgpd=yes/g" /etc/frr/daemons - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c 'conf t' -c 'router bgp 65002' -c ' bgp router-id 169.254.0.4' -c ' neighbor 169.254.0.1 remote-as 65001' -c ' neighbor 169.254.0.2 remote-as 65001' -c ' !' -c ' address-family ipv4 unicast' -c ' network 10.2.0.0/24' -c ' exit-address-family' -c '!' - name: N1 cmds: - cmd: ip addr add 10.1.0.1/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: ip addr add 10.1.0.1/24 dev net2 - cmd: ip route add 10.1.0.100/32 dev net0 - cmd: ip route add 10.1.0.101/32 dev net1 - cmd: ip route add 10.1.0.10/32 dev net2 - cmd: sysctl -w net.ipv4.conf.net0.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net1.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net2.proxy_arp=1 - cmd: >- ip route add default nexthop via 10.1.0.100 dev net0 nexthop via 10.1.0.101 dev net1 - name: N2 cmds: - cmd: ip addr add 10.2.0.1/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: ip addr add 10.2.0.1/24 dev net2 - cmd: ip route add 10.2.0.100/32 dev net0 - cmd: ip route add 10.2.0.101/32 dev net1 - cmd: ip route add 10.2.0.10/32 dev net2 - cmd: sysctl -w net.ipv4.conf.net0.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net1.proxy_arp=1 - cmd: sysctl -w net.ipv4.conf.net2.proxy_arp=1 - cmd: >- ip route add default nexthop via 10.2.0.100 dev net0 nexthop via 10.2.0.101 dev net1 - name: C1 cmds: - cmd: ip addr add 10.1.0.10/24 dev net0 - cmd: ip route add default via 10.1.0.1 - name: C2 cmds: - cmd: ip addr add 10.2.0.10/24 dev net0 - cmd: ip route add default via 10.2.0.1 postinit: cmds: - cmd: | cat </tmp/r1_vpn1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r1_vpn2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r1_vpn1.conf conn vpn1 authby=secret left=20.0.0.1 right=20.0.0.3 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart ike=aes_cbc128-sha2_256;dh19 phase2alg=aes_gcm128;dh19 remote_peer_type=cisco EOF - cmd: | cat </tmp/r1_vpn2.conf conn vpn2 authby=secret left=20.0.0.1 right=20.0.0.4 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=101/0xffffffff vti-interface=vti1 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart ike=aes_cbc128-sha2_256;dh19 phase2alg=aes_gcm128;dh19 remote_peer_type=cisco EOF - cmd: docker cp /tmp/r1_vpn1.secrets R1:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/r1_vpn2.secrets R1:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/r1_vpn1.conf R1:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/r1_vpn2.conf R1:/etc/ipsec.d/vpn2.conf - cmd: | cat </tmp/r2_vpn1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r2_vpn2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r2_vpn1.conf conn vpn1 authby=secret left=20.0.0.2 right=20.0.0.3 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart ike=aes_cbc128-sha2_256;dh19 phase2alg=aes_gcm128;dh19 remote_peer_type=cisco EOF - cmd: | cat </tmp/r2_vpn2.conf conn vpn2 authby=secret left=20.0.0.2 right=20.0.0.4 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=101/0xffffffff vti-interface=vti1 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart ike=aes_cbc128-sha2_256;dh19 phase2alg=aes_gcm128;dh19 remote_peer_type=cisco EOF - cmd: docker cp /tmp/r2_vpn1.secrets R2:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/r2_vpn2.secrets R2:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/r2_vpn1.conf R2:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/r2_vpn2.conf R2:/etc/ipsec.d/vpn2.conf - cmd: | cat </tmp/r3_vpn1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r3_vpn2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r3_vpn1.conf conn vpn1 authby=secret left=20.0.0.3 right=20.0.0.1 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart ike=aes_cbc128-sha2_256;dh19 phase2alg=aes_gcm128;dh19 remote_peer_type=cisco EOF - cmd: | cat </tmp/r3_vpn2.conf conn vpn2 authby=secret left=20.0.0.3 right=20.0.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=101/0xffffffff vti-interface=vti1 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart ike=aes_cbc128-sha2_256;dh19 phase2alg=aes_gcm128;dh19 remote_peer_type=cisco EOF - cmd: docker cp /tmp/r3_vpn1.secrets R3:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/r3_vpn2.secrets R3:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/r3_vpn1.conf R3:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/r3_vpn2.conf R3:/etc/ipsec.d/vpn2.conf - cmd: | cat </tmp/r4_vpn1.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r4_vpn2.secrets : PSK "sekainoichihara" EOF - cmd: | cat </tmp/r4_vpn1.conf conn vpn1 authby=secret left=20.0.0.4 right=20.0.0.1 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart ike=aes_cbc128-sha2_256;dh19 phase2alg=aes_gcm128;dh19 remote_peer_type=cisco EOF - cmd: | cat </tmp/r4_vpn2.conf conn vpn2 authby=secret left=20.0.0.4 right=20.0.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=101/0xffffffff vti-interface=vti1 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart ike=aes_cbc128-sha2_256;dh19 phase2alg=aes_gcm128;dh19 remote_peer_type=cisco EOF - cmd: docker cp /tmp/r4_vpn1.secrets R4:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/r4_vpn2.secrets R4:/etc/ipsec.d/vpn2.secrets - cmd: docker cp /tmp/r4_vpn1.conf R4:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/r4_vpn2.conf R4:/etc/ipsec.d/vpn2.conf ================================================ FILE: examples/basic_ipsec/simple/README.md ================================================ ## IPsec Example - libreswan ```bash > docker exec R1 ipsec status | grep "Total IPsec connections" -A5 000 Total IPsec connections: loaded 1, active 1 000 000 State Information: DDoS cookies not required, Accepting new IKE connections 000 IKE SAs: total(2), half-open(0), open(0), authenticated(2), anonymous(0) 000 IPsec SAs: total(2), authenticated(2), anonymous(0) 000 ``` ================================================ FILE: examples/basic_ipsec/simple/spec.yaml ================================================ --- postinit: cmds: - cmd: | cat </tmp/vpn1.r1.secrets : PSK "vpn1" EOF - cmd: | cat </tmp/vpn1.r2.secrets : PSK "vpn1" EOF - cmd: | cat </tmp/vpn1.r1.conf conn vpn1 left=10.0.0.1 leftsubnet=10.1.0.0/24 right=10.0.0.2 rightsubnet=10.2.0.0/24 auto=start authby=secret dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/vpn1.r2.conf conn vpn1 left=10.0.0.2 leftsubnet=10.2.0.0/24 right=10.0.0.1 rightsubnet=10.1.0.0/24 auto=start authby=secret dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: docker cp /tmp/vpn1.r1.secrets R1:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/vpn1.r2.secrets R2:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/vpn1.r1.conf R1:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/vpn1.r2.conf R2:/etc/ipsec.d/vpn1.conf - cmd: docker exec R1 chmod 600 /etc/ipsec.d/vpn1.conf - cmd: docker exec R1 chmod 600 /etc/ipsec.d/vpn1.secrets - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn1.conf - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn1.secrets nodes: - name: R1 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: C1#net0 } - name: R2 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: C2#net0 } - name: C1 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R1#net1 } - name: C2 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R2#net1 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: ip route add 10.2.0.0/24 via 10.0.0.2 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - name: R2 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: ip route add 10.1.0.0/24 via 10.0.0.1 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - name: C1 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip route add default via 10.1.0.1 - name: C2 cmds: - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip route add default via 10.2.0.1 ================================================ FILE: examples/basic_ipsec/static_esp_tunnel_simple/README.md ================================================ # Simple statically-configured ESP tunnel mode example just works Establish SA bidirectionally between R0 and R1. Apply xfrm allow policy for the traffic between C0 and C1. ![topo](topo.png) ## Demo Try `tinet test`. Below is an example output. You can see the ICMP packets are correctly encapsulated with ESP header. ``` =================================================== Starting packet capture on R0 (net1) and R1 (net1) =================================================== tcpdump: listening on net1, link-type EN10MB (Ethernet), snapshot length 262144 bytes tcpdump: listening on net1, link-type EN10MB (Ethernet), snapshot length 262144 bytes =================================================== ping from C0 to C1 =================================================== PING 10.0.1.2 (10.0.1.2) 56(84) bytes of data. 64 bytes from 10.0.1.2: icmp_seq=1 ttl=62 time=0.081 ms --- 10.0.1.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.081/0.081/0.081/0.000 ms =================================================== Stopping packet capture on R0 (net1) and R1 (net1) =================================================== 5 packets captured 5 packets received by filter 0 packets dropped by kernel 5 packets captured 5 packets received by filter 0 packets dropped by kernel =================================================== Packet capture on R0 (net1) =================================================== 16:23:28.663259 ARP, Request who-has 192.168.0.2 tell 192.168.0.1, length 28 16:23:28.663267 ARP, Reply 192.168.0.2 is-at c6:b7:02:a9:e9:6f, length 28 16:23:28.663267 IP 192.168.0.1 > 192.168.0.2: ESP(spi=0x00000001,seq=0x1), length 120 16:23:28.663294 IP 192.168.0.2 > 192.168.0.1: ESP(spi=0x00000001,seq=0x1), length 120 16:23:28.663294 IP 10.0.1.2 > 10.0.0.2: ICMP echo reply, id 62643, seq 1, length 64 reading from file /tmp/record.pcap, link-type EN10MB (Ethernet), snapshot length 262144 =================================================== Packet capture on R1 (net1) =================================================== 16:23:28.663261 ARP, Request who-has 192.168.0.2 tell 192.168.0.1, length 28 16:23:28.663267 ARP, Reply 192.168.0.2 is-at c6:b7:02:a9:e9:6f, length 28 16:23:28.663268 IP 192.168.0.1 > 192.168.0.2: ESP(spi=0x00000001,seq=0x1), length 120 16:23:28.663268 IP 10.0.0.2 > 10.0.1.2: ICMP echo request, id 62643, seq 1, length 64 16:23:28.663294 IP 192.168.0.2 > 192.168.0.1: ESP(spi=0x00000001,seq=0x1), length 120 reading from file /tmp/record.pcap, link-type EN10MB (Ethernet), snapshot length 262144 ``` ================================================ FILE: examples/basic_ipsec/static_esp_tunnel_simple/spec.yaml ================================================ nodes: - name: C0 image: nicolaka/netshoot:latest interfaces: - name: net0 type: direct args: R0#net0 - name: R0 image: nicolaka/netshoot:latest interfaces: - name: net0 type: direct args: C0#net0 - name: net1 type: direct args: R1#net1 - name: R1 image: nicolaka/netshoot:latest interfaces: - name: net0 type: direct args: C1#net0 - name: net1 type: direct args: R0#net1 - name: C1 image: nicolaka/netshoot:latest interfaces: - name: net0 type: direct args: R1#net0 node_configs: - name: C0 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: R0 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 192.168.0.1/24 dev net1 - cmd: ip route add 10.0.1.0/24 via 192.168.0.2 - cmd: ip xfrm state add src 192.168.0.2 dst 192.168.0.1 proto esp spi 0x1 aead "rfc4106(gcm(aes))" 0x0000000000112233445566778899aabbccddeeff 128 mode tunnel - cmd: ip xfrm state add src 192.168.0.1 dst 192.168.0.2 proto esp spi 0x1 aead "rfc4106(gcm(aes))" 0x0000000000112233445566778899aabbccddeeff 128 mode tunnel - cmd: ip xfrm policy add src 10.0.0.2/32 dst 10.0.1.2/32 dir out tmpl src 192.168.0.1 dst 192.168.0.2 proto esp spi 1 mode tunnel - cmd: ip xfrm policy add src 10.0.1.2/32 dst 10.0.0.2/32 dir in tmpl src 192.168.0.2 dst 192.168.0.1 proto esp spi 1 mode tunnel - cmd: ip xfrm policy add src 10.0.1.2/32 dst 10.0.0.2/32 dir fwd tmpl src 192.168.0.2 dst 192.168.0.1 proto esp spi 1 mode tunnel - name: R1 cmds: - cmd: ip addr add 10.0.1.1/24 dev net0 - cmd: ip addr add 192.168.0.2/24 dev net1 - cmd: ip route add 10.0.0.0/24 via 192.168.0.1 - cmd: ip xfrm state add src 192.168.0.1 dst 192.168.0.2 proto esp spi 0x1 aead "rfc4106(gcm(aes))" 0x0000000000112233445566778899aabbccddeeff 128 mode tunnel - cmd: ip xfrm state add src 192.168.0.2 dst 192.168.0.1 proto esp spi 0x1 aead "rfc4106(gcm(aes))" 0x0000000000112233445566778899aabbccddeeff 128 mode tunnel - cmd: ip xfrm policy add src 10.0.1.2/32 dst 10.0.0.2/32 dir out tmpl src 192.168.0.2 dst 192.168.0.1 proto esp spi 1 mode tunnel - cmd: ip xfrm policy add src 10.0.0.2/32 dst 10.0.1.2/32 dir in tmpl src 192.168.0.1 dst 192.168.0.2 proto esp spi 1 mode tunnel - cmd: ip xfrm policy add src 10.0.0.2/32 dst 10.0.1.2/32 dir fwd tmpl src 192.168.0.1 dst 192.168.0.2 proto esp spi 1 mode tunnel - name: C1 cmds: - cmd: ip addr add 10.0.1.2/24 dev net0 - cmd: ip route add default via 10.0.1.1 test: - cmds: - cmd: echo "===================================================" - cmd: echo "Starting packet capture on R0 (net1) and R1 (net1)" - cmd: echo "===================================================" - cmd: docker exec R0 tcpdump -nni net1 -w /tmp/record.pcap 2>&1 > /dev/null & - cmd: docker exec R1 tcpdump -nni net1 -w /tmp/record.pcap 2>&1 > /dev/null & - cmd: sleep 3 - cmd: echo "===================================================" - cmd: echo "ping from C0 to C1" - cmd: echo "===================================================" - cmd: docker exec C0 ping -c 1 10.0.1.2 - cmd: sleep 3 - cmd: echo "===================================================" - cmd: echo "Stopping packet capture on R0 (net1) and R1 (net1)" - cmd: echo "===================================================" - cmd: docker exec R0 pkill tcpdump - cmd: docker exec R1 pkill tcpdump - cmd: echo "===================================================" - cmd: echo "Packet capture on R0 (net1)" - cmd: echo "===================================================" - cmd: docker exec R0 tcpdump -nnr /tmp/record.pcap - cmd: echo "===================================================" - cmd: echo "Packet capture on R1 (net1)" - cmd: echo "===================================================" - cmd: docker exec R1 tcpdump -nnr /tmp/record.pcap ================================================ FILE: examples/basic_ipsec/with_vti/README.md ================================================ ## IPsec Example - libreswan ```bash > docker exec R1 ipsec status | grep "Total IPsec connections" -A5 000 Total IPsec connections: loaded 1, active 1 000 000 State Information: DDoS cookies not required, Accepting new IKE connections 000 IKE SAs: total(2), half-open(0), open(0), authenticated(2), anonymous(0) 000 IPsec SAs: total(2), authenticated(2), anonymous(0) 000 ``` ================================================ FILE: examples/basic_ipsec/with_vti/spec.yaml ================================================ --- postinit: cmds: - cmd: | cat </tmp/vpn1.r1.secrets : PSK "vpn1" EOF - cmd: | cat </tmp/vpn1.r2.secrets : PSK "vpn1" EOF - cmd: | cat </tmp/vpn1.r1.conf conn vpn1 authby=secret left=10.0.0.1 right=10.0.0.2 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: | cat </tmp/vpn1.r2.conf conn vpn1 left=10.0.0.2 right=10.0.0.1 leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0 auto=start authby=secret mark=100/0xffffffff vti-interface=vti0 vti-routing=no dpddelay=10 dpdtimeout=5 dpdaction=restart EOF - cmd: docker cp /tmp/vpn1.r1.secrets R1:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/vpn1.r2.secrets R2:/etc/ipsec.d/vpn1.secrets - cmd: docker cp /tmp/vpn1.r1.conf R1:/etc/ipsec.d/vpn1.conf - cmd: docker cp /tmp/vpn1.r2.conf R2:/etc/ipsec.d/vpn1.conf - cmd: docker exec R1 chmod 600 /etc/ipsec.d/vpn1.conf - cmd: docker exec R1 chmod 600 /etc/ipsec.d/vpn1.secrets - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn1.conf - cmd: docker exec R2 chmod 600 /etc/ipsec.d/vpn1.secrets nodes: - name: R1 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: C1#net0 } - name: R2 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: C2#net0 } - name: C1 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R1#net1 } - name: C2 image: tinet/centos:centos7 interfaces: - { name: net0, type: direct, args: R2#net1 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 10.0.0.2 local 10.0.0.1 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip route add 10.2.0.0/24 dev vti0 - cmd: ip addr add 169.254.0.1/30 remote 169.254.0.2/30 dev vti0 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - name: R2 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: ip link add vti0 type vti key 100 remote 10.0.0.1 local 10.0.0.2 - cmd: ip link set vti0 up - cmd: sysctl -w net.ipv4.conf.vti0.disable_policy=1 - cmd: ip route add 10.1.0.0/24 dev vti0 - cmd: ip addr add 169.254.0.2/30 remote 169.254.0.1/30 dev vti0 - cmd: /usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig - cmd: /usr/libexec/ipsec/_stackmanager start - cmd: /usr/sbin/ipsec --checknss - cmd: /usr/sbin/ipsec --checknflog - cmd: /usr/libexec/ipsec/pluto --leak-detective --config /etc/ipsec.conf - name: C1 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip route add default via 10.1.0.1 - name: C2 cmds: - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip route add default via 10.2.0.1 ================================================ FILE: examples/basic_ipsec/xfrm_interface/README.md ================================================ # Simple statically-configured ESP tunnel with XFRM Interface Establish SA bidirectionally between R0 and R1. Apply xfrm allow policy for the traffic between C0 and C1 using [XFRM Interface](https://wiki.strongswan.org/projects/strongswan/wiki/RouteBasedVPN#XFRM-Interfaces-on-Linux). ================================================ FILE: examples/basic_ipsec/xfrm_interface/spec.yaml ================================================ --- nodes: - name: C0 image: nicolaka/netshoot:latest interfaces: - { name: net0, type: direct, args: R0#net0 } - name: R0 image: nicolaka/netshoot:latest interfaces: - { name: net0, type: direct, args: C0#net0 } - { name: net1, type: direct, args: R1#net1 } - name: R1 image: nicolaka/netshoot:latest interfaces: - { name: net1, type: direct, args: R0#net1 } - { name: net0, type: direct, args: C1#net0 } - name: C1 image: nicolaka/netshoot:latest interfaces: - { name: net0, type: direct, args: R1#net0 } node_configs: - name: C0 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: R0 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 192.168.0.1/24 dev net1 - cmd: ip link add type xfrm dev net1 if_id 1 # if_id 1 are important in below. We need to match it to the if_id 1 passed in above. So that the policies/states # are not evaluated in the regular xfrm path (which lies in the middle of routing and device) and only evaluated # inside the XFRM device. - cmd: ip xfrm state add src 192.168.0.2 dst 192.168.0.1 proto esp spi 0x1 aead "rfc4106(gcm(aes))" 0x0000000000112233445566778899aabbccddeeff 128 mode tunnel if_id 1 - cmd: ip xfrm state add src 192.168.0.1 dst 192.168.0.2 proto esp spi 0x1 aead "rfc4106(gcm(aes))" 0x0000000000112233445566778899aabbccddeeff 128 mode tunnel if_id 1 - cmd: ip xfrm policy add src 10.0.0.0/24 dst 10.0.1.0/24 dir out if_id 1 tmpl src 192.168.0.1 dst 192.168.0.2 proto esp spi 1 mode tunnel - cmd: ip xfrm policy add src 10.0.1.0/24 dst 10.0.0.0/24 dir fwd if_id 1 tmpl src 192.168.0.2 dst 192.168.0.1 proto esp spi 1 mode tunnel - cmd: ip link set xfrm0 up - cmd: ip route add 10.0.1.0/24 dev xfrm0 - name: R1 cmds: - cmd: ip addr add 10.0.1.1/24 dev net0 - cmd: ip addr add 192.168.0.2/24 dev net1 - cmd: ip link add type xfrm dev net1 if_id 1 - cmd: ip xfrm state add src 192.168.0.1 dst 192.168.0.2 proto esp spi 0x1 aead "rfc4106(gcm(aes))" 0x0000000000112233445566778899aabbccddeeff 128 mode tunnel if_id 1 - cmd: ip xfrm state add src 192.168.0.2 dst 192.168.0.1 proto esp spi 0x1 aead "rfc4106(gcm(aes))" 0x0000000000112233445566778899aabbccddeeff 128 mode tunnel if_id 1 - cmd: ip xfrm policy add src 10.0.1.0/24 dst 10.0.0.0/24 dir out if_id 1 tmpl src 192.168.0.2 dst 192.168.0.1 proto esp spi 1 mode tunnel - cmd: ip xfrm policy add src 10.0.0.0/24 dst 10.0.1.0/24 dir fwd if_id 1 tmpl src 192.168.0.1 dst 192.168.0.2 proto esp spi 1 mode tunnel - cmd: ip link set xfrm0 up - cmd: ip route add 10.0.0.0/24 dev xfrm0 - name: C1 cmds: - cmd: ip addr add 10.0.1.2/24 dev net0 - cmd: ip route add default via 10.0.1.1 ================================================ FILE: examples/basic_iptables/napt/README.md ================================================ # Managed NAPT example ``` tn upconf | sudo sh docker exec -it S1 tcpdump -ni net0 -Qin '(tcp[tcpflags] & tcp-syn)' != 0 docker exec C1 curl --interface 10.0.0.2 20.0.0.2 docker exec C1 curl --interface 10.0.0.3 20.0.0.2 docker exec C1 curl --interface 10.0.0.4 20.0.0.2 docker exec S1 conntrack -L ``` ================================================ FILE: examples/basic_iptables/napt/spec.yaml ================================================ # DESCRIPTION: NAPT network using FRR # # TOPO: # S0 # (net0).2| # | # WAN:20.0.0.0/24 | # | # (net0).1| # R1(NAPT) # (net1).1| # | # LAN:10.0.0.0/24 | # | # (net0).2| # C0 # # INIT: # cns spec7.yaml init | sudo sh # ./setup7.sh # FINI: # cns spec7.yaml fini | sudo sh # nodes: - name: R1 image: slankdev/conntrack interfaces: - { name: net0, type: direct, args: S1#net0, } - { name: net1, type: direct, args: C1#net0, } - name: S1 image: slankdev/ubuntu:18.04 interfaces: [ { name: net0, type: direct, args: R1#net0, } ] - name: C1 image: slankdev/ubuntu:18.04 interfaces: [ { name: net0, type: direct, args: R1#net1, } ] node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net1 - cmd: ip addr add 20.0.0.1/24 dev net0 ####################### ## NAT CONFIGURATION ## ####################### - cmd: ip addr add 20.0.0.100/24 dev net0 - cmd: ip addr add 20.0.0.101/24 dev net0 - cmd: >- iptables -t nat -A POSTROUTING -s 10.0.0.2/32 -j SNAT -p tcp --to-source 20.0.0.100:10000-10008 - cmd: >- iptables -t nat -A POSTROUTING -s 10.0.0.3/32 -j SNAT -p tcp --to-source 20.0.0.100:20000-20008 - cmd: >- iptables -t nat -A POSTROUTING -s 10.0.0.4/32 -j SNAT -p tcp --to-source 20.0.0.101:30000-30008 - name: S1 cmds: - cmd: ip addr add 20.0.0.2/24 dev net0 - cmd: ip route add default via 20.0.0.1 - cmd: nohup python3 -m http.server 80 & - name: C1 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip addr add 10.0.0.3/24 dev net0 - cmd: ip addr add 10.0.0.4/24 dev net0 - cmd: ip route add default via 10.0.0.1 ================================================ FILE: examples/basic_iptables/test/README.md ================================================ # iptables study ``` root@R2:/# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination LOG all -- 10.0.0.2 anywhere LOG level warning Chain OUTPUT (policy ACCEPT) target prot opt source destination ``` ``` root@R2:/# iptables-save │ # Generated by iptables-save v1.6.1 on Wed May 15 10:12:54 2019 │ *filter │ :INPUT ACCEPT [5:420] │ :FORWARD ACCEPT [6:504] │ :OUTPUT ACCEPT [5:420] │ -A FORWARD -s 10.0.0.2/32 -j LOG │ COMMIT │ # Completed on Wed May 15 10:12:54 2019 ``` ``` root@R2:/# iptables -A FORWARD -s 10.0.0.2 -j LOG root@R2:/# iptables -D FORWARD -s 10.0.0.2 -j LOG ``` If you want to check the LOG of iptables on network-namespace, following kernel option helps you. this option enables us, output netns's log to host's log. ``` sudo sh -c 'echo 0 > /proc/sys/net/netfilter/nf_log_all_netns' dmesg ``` ================================================ FILE: examples/basic_iptables/test/spec.yaml ================================================ nodes: - name: R1 image: slankdev/sandbox interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/sandbox interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R3#net0 } - name: R3 image: slankdev/sandbox interfaces: - { name: net0, type: direct, args: R2#net1 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: R2 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 20.0.0.1/24 dev net1 - name: R3 cmds: - cmd: ip addr add 20.0.0.2/24 dev net0 - cmd: ip route add default via 20.0.0.1 ================================================ FILE: examples/basic_iptables/u32/spec.yaml ================================================ nodes: - name: C1_1 image: nicolaka/netshoot:latest interfaces: - { name: net1_1, type: direct, args: C2#net1_1 } - name: C1_2 image: nicolaka/netshoot:latest interfaces: - { name: net1_2, type: direct, args: C2#net1_2 } - name: C2 image: nicolaka/netshoot:latest interfaces: - { name: net1_1, type: direct, args: C1_1#net1_1 } - { name: net1_2, type: direct, args: C1_2#net1_2 } - { name: net2, type: direct, args: C3#net2 } sysctls: - sysctl: net.ipv4.ip_forward=1 - name: C3 image: nicolaka/netshoot:latest interfaces: - { name: net2, type: direct, args: C2#net2 } node_configs: - name: C1_1 cmds: - cmd: ip addr add 10.1.0.1/24 dev net1_1 - cmd: ip route add 10.3.0.1 via 10.1.0.2 - cmd: ip tunnel add tun0 mode ipip local 10.1.0.1 remote 10.3.0.1 dev net1_1 - cmd: ip addr add 1.1.1.1/24 dev tun0 - cmd: ip link set tun0 up - cmd: ip route add 1.1.3.1 dev tun0 - name: C1_2 cmds: - cmd: ip addr add 10.2.0.1/24 dev net1_2 - cmd: ip route add 10.3.0.1 via 10.2.0.2 - cmd: ip tunnel add tun0 mode ipip local 10.2.0.1 remote 10.3.0.1 dev net1_2 - cmd: ip addr add 1.1.2.1/24 dev tun0 - cmd: ip link set tun0 up - cmd: ip route add 1.1.4.1 dev tun0 - name: C2 cmds: - cmd: ip addr add 10.1.0.2/24 dev net1_1 - cmd: ip addr add 10.2.0.2/24 dev net1_2 - cmd: ip addr add 10.3.0.2/24 dev net2 # drop packet which has source IP 1.1.2.1/32 in IPIP inner IP header - cmd: iptables -m u32 --u32 "6&0xFF=0x4 && 0>>22&0x3C@12=0x1010102" -A FORWARD -j DROP # drop packet which has source IP 1.1.2.0/24 in IPIP inner IP header - cmd: iptables -m u32 --u32 "6&0xFF=0x4 && 0>>22&0x3C@12=0x1010200:0x10102ff" -A FORWARD -j DROP - name: C3 cmds: - cmd: ip addr add 10.3.0.1/24 dev net2 - cmd: ip route add 10.1.0.1 via 10.3.0.2 - cmd: ip route add 10.2.0.1 via 10.3.0.2 - cmd: ip tunnel add tun0 mode ipip local 10.3.0.1 remote 10.1.0.1 dev net2 - cmd: ip addr add 1.1.3.1/24 dev tun0 - cmd: ip link set tun0 up - cmd: ip route add 1.1.1.1 dev tun0 - cmd: ip tunnel add tun1 mode ipip local 10.3.0.1 remote 10.2.0.1 dev net2 - cmd: ip addr add 1.1.4.1/24 dev tun1 - cmd: ip link set tun1 up - cmd: ip route add 1.1.2.1 dev tun1 ================================================ FILE: examples/basic_isis/README.md ================================================ # ISIS ![](topo.png) ``` tn upconf | sudo sh ``` ## Reference - http://docs.frrouting.org/en/latest/isisd.html ================================================ FILE: examples/basic_isis/spec.yaml ================================================ nodes: - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: R5#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R4#net0 } - { name: net2, type: direct, args: R6#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R4#net1 } - { name: net2, type: direct, args: R7#net0 } - name: R4 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net1 } - { name: net1, type: direct, args: R3#net1 } - { name: net2, type: direct, args: R8#net0 } - name: R5 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net2 } - name: R6 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net2 } - name: R7 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R3#net2 } - name: R8 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R4#net2 } node_configs: - name: R1 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'int lo' -c ' ip address 10.255.0.1/32' -c ' exit' -c 'int net0' -c ' ip address 10.0.0.1/30' -c ' ip router isis FOO' -c ' exit' -c 'int net1' -c ' ip address 10.0.0.5/30' -c ' ip router isis FOO' -c ' exit' -c 'int net2' -c ' ip address 20.1.0.1/30' -c ' ip router isis FOO' -c ' exit' -c 'router isis FOO' -c ' net 47.0023.0000.0000.0001.00' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.1' -c ' exit' - name: R2 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'int lo' -c ' ip address 10.255.0.2/32' -c ' exit' -c 'int net0' -c ' ip address 10.0.0.2/30' -c ' ip router isis FOO' -c ' exit' -c 'int net1' -c ' ip address 10.0.0.9/30' -c ' ip router isis FOO' -c ' exit' -c 'int net2' -c ' ip address 20.2.0.1/30' -c ' ip router isis FOO' -c ' exit' -c 'router isis FOO' -c ' net 47.0023.0000.0000.0002.00' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.2' -c ' exit' - name: R3 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'int lo' -c ' ip address 10.255.0.3/32' -c ' exit' -c 'int net0' -c ' ip address 10.0.0.6/30' -c ' ip router isis FOO' -c ' exit' -c 'int net1' -c ' ip address 10.0.0.13/30' -c ' ip router isis FOO' -c ' exit' -c 'int net2' -c ' ip address 20.3.0.1/30' -c ' ip router isis FOO' -c ' exit' -c 'router isis FOO' -c ' net 47.0023.0000.0000.0003.00' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.3' -c ' exit' - name: R4 cmds: - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'int lo' -c ' ip address 10.255.0.4/32' -c ' exit' -c 'int net0' -c ' ip address 10.0.0.10/30' -c ' ip router isis FOO' -c ' exit' -c 'int net1' -c ' ip address 10.0.0.14/30' -c ' ip router isis FOO' -c ' exit' -c 'int net2' -c ' ip address 20.4.0.1/30' -c ' ip router isis FOO' -c ' exit' -c 'router isis FOO' -c ' net 47.0023.0000.0000.0004.00' -c ' mpls-te on' -c ' mpls-te router-address 10.255.0.4' -c ' exit' - name: R5 cmds: - cmd: ip addr add 20.1.0.2/24 dev net0 - cmd: ip route replace default via 20.1.0.1 - name: R6 cmds: - cmd: ip addr add 20.2.0.2/24 dev net0 - cmd: ip route replace default via 20.2.0.1 - name: R7 cmds: - cmd: ip addr add 20.3.0.2/24 dev net0 - cmd: ip route replace default via 20.3.0.1 - name: R8 cmds: - cmd: ip addr add 20.4.0.2/24 dev net0 - cmd: ip route replace default via 20.4.0.1 test: - name: p2p cmds: - cmd: docker exec R1 ping -c2 10.0.0.1 - cmd: docker exec R1 ping -c2 10.0.0.2 - cmd: docker exec R1 ping -c2 10.0.0.5 - cmd: docker exec R1 ping -c2 10.0.0.6 - cmd: docker exec R2 ping -c2 10.0.0.1 - cmd: docker exec R2 ping -c2 10.0.0.2 - cmd: docker exec R2 ping -c2 10.0.0.9 - cmd: docker exec R2 ping -c2 10.0.0.10 - cmd: docker exec R3 ping -c2 10.0.0.5 - cmd: docker exec R3 ping -c2 10.0.0.6 - cmd: docker exec R3 ping -c2 10.0.0.13 - cmd: docker exec R3 ping -c2 10.0.0.14 - cmd: docker exec R4 ping -c2 10.0.0.9 - cmd: docker exec R4 ping -c2 10.0.0.10 - cmd: docker exec R4 ping -c2 10.0.0.13 - cmd: docker exec R4 ping -c2 10.0.0.14 - cmd: docker exec R5 ping -c2 20.1.0.1 - cmd: docker exec R5 ping -c2 20.1.0.2 - cmd: docker exec R6 ping -c2 20.2.0.1 - cmd: docker exec R6 ping -c2 20.2.0.2 - cmd: docker exec R7 ping -c2 20.3.0.1 - cmd: docker exec R7 ping -c2 20.3.0.2 - cmd: docker exec R8 ping -c2 20.4.0.1 - cmd: docker exec R8 ping -c2 20.4.0.2 - name: remote cmds: - cmd: docker exec R5 ping -c2 20.1.0.2 - cmd: docker exec R5 ping -c2 20.2.0.2 - cmd: docker exec R5 ping -c2 20.3.0.2 - cmd: docker exec R5 ping -c2 20.4.0.2 - cmd: docker exec R6 ping -c2 20.1.0.2 - cmd: docker exec R6 ping -c2 20.2.0.2 - cmd: docker exec R6 ping -c2 20.3.0.2 - cmd: docker exec R6 ping -c2 20.4.0.2 - cmd: docker exec R7 ping -c2 20.1.0.2 - cmd: docker exec R7 ping -c2 20.2.0.2 - cmd: docker exec R7 ping -c2 20.3.0.2 - cmd: docker exec R7 ping -c2 20.4.0.2 - cmd: docker exec R8 ping -c2 20.1.0.2 - cmd: docker exec R8 ping -c2 20.2.0.2 - cmd: docker exec R8 ping -c2 20.3.0.2 - cmd: docker exec R8 ping -c2 20.4.0.2 ================================================ FILE: examples/basic_l3dsr/dscp/Dockerfile ================================================ FROM ubuntu:22.04 RUN apt update \ && apt install -y libc6-dev-i386 clang libbpf-dev iproute2 ================================================ FILE: examples/basic_l3dsr/dscp/spec.yaml ================================================ preinit: - cmds: - cmd: docker build -t xdptmp . nodes: - name: R1 image: xdptmp interfaces: - { name: net1, type: direct, args: CLOS#net1 } sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.default.rp_filter=0 - name: C1 image: slankdev/mikanectl docker_run_extra_args: --entrypoint bash interfaces: - { name: net0, type: direct, args: CLOS#net0 } sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.default.rp_filter=0 - name: C2 image: slankdev/mikanectl docker_run_extra_args: --entrypoint bash interfaces: - { name: net2, type: direct, args: CLOS#net2 } sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.default.rp_filter=0 - name: CLOS image: nicolaka/netshoot interfaces: - { name: net0, type: direct, args: C1#net0 } - { name: net1, type: direct, args: R1#net1 } - { name: net2, type: direct, args: C2#net2 } sysctls: - sysctl: net.ipv4.ip_forward=1 - sysctl: net.ipv4.conf.all.rp_filter=0 - sysctl: net.ipv4.conf.default.rp_filter=0 postinit: cmds: - cmd: docker cp xdp.c R1:/root/xdp.c - cmd: docker exec R1 clang -O2 -Wall -target bpf -c /root/xdp.c - cmd: docker exec R1 ip link set net1 xdpgeneric obj xdp.o sec xdp-lb node_configs: - name: R1 cmds: - cmd: ip addr add 142.0.0.1/32 dev lo - cmd: ip addr add 10.0.1.1/24 dev net1 - cmd: ip route add default via 10.0.1.2 - name: C1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip route add default via 10.0.0.2 - name: C2 cmds: - cmd: nohup mikanectl ifconfig-http -p 80 & - cmd: ip addr add 10.0.2.1/24 dev net2 - cmd: ip route add default via 10.0.2.2 - cmd: ip route add local 142.0.0.1/32 dev lo - cmd: tc qdisc add dev net2 clsact - cmd: tc filter add dev net2 ingress u32 match ip dsfield 0xa 0x1e action nat ingress 10.0.2.1 142.0.0.1 - name: CLOS cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip addr add 10.0.1.2/24 dev net1 - cmd: ip addr add 10.0.2.2/24 dev net2 - cmd: ip route add 142.0.0.1/32 dev net1 ================================================ FILE: examples/basic_l3dsr/dscp/xdp.c ================================================ #include #include #include #include #include #include #include #ifndef DSCP #define DSCP 10 #endif static __always_inline __u16 csum_fold_helper(__u64 csum) { int i; #pragma unroll for (i = 0; i < 4; i ++) { if (csum >> 16) csum = (csum & 0xffff) + (csum >> 16); } return ~csum; } static __always_inline void ipv4_csum(void *data_start, int data_size, __u64 *csum) { *csum = bpf_csum_diff(0, 0, data_start, data_size, *csum); *csum = csum_fold_helper(*csum); } static __always_inline int process_ipv4(struct xdp_md* ctx, __u64 data, __u64 data_end) { __u8 src_mac[ETH_ALEN]; struct ethhdr *eth; struct iphdr *iph; __u32 dst_addr = 0xa000201; __u64 csum = 0; eth = (struct ethhdr*)(data); if ((__u64)(eth + 1) > data_end) return XDP_DROP; iph = (struct iphdr*)(data + sizeof(struct ethhdr)); if ((__u64)(iph + 1) > data_end) return XDP_DROP; if (iph->daddr == bpf_htonl(0x8e000001)) { iph->tos = DSCP; iph->daddr = bpf_htonl(dst_addr); iph->check = 0; ipv4_csum(iph, sizeof(struct iphdr), &csum); iph->check = csum; __builtin_memcpy(src_mac, eth->h_source, ETH_ALEN); __builtin_memcpy(eth->h_source, eth->h_dest, ETH_ALEN); __builtin_memcpy(eth->h_dest, src_mac, ETH_ALEN); return XDP_TX; } return XDP_PASS; } static __always_inline int process_eth(struct xdp_md* ctx) { __u64 data = ctx->data; __u64 data_end = ctx->data_end; struct ethhdr *eth; eth = (struct ethhdr*)data; if ((__u64)(eth + 1) > data_end) return XDP_DROP; if (eth->h_proto == bpf_htons(ETH_P_IP)) { return process_ipv4(ctx, data, data_end); } return XDP_PASS; } SEC("xdp-lb") int entry(struct xdp_md *ctx) { int ret = process_eth(ctx); return ret; } char __license[] SEC("license") = "GPL"; ================================================ FILE: examples/basic_ldp/README.md ================================================ # LDP Example create basic mpls backbone-network ![](./topo.png) ``` host# modprobe mpls_router host# modprobe mpls_iptunnel ``` references - https://github.com/FRRouting/frr/blob/master/doc/developer/ldpd-basic-test-setup.md - https://github.com/FRRouting/frr/issues/651 - http://docs.frrouting.org/en/latest/ldpd.html ================================================ FILE: examples/basic_ldp/spec.yaml ================================================ nodes: - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } node_configs: - name: R1 cmds: - cmd: sh -c 'enable_seg6_router.py | sh' - cmd: sh -c 'echo 100000 > /proc/sys/net/mpls/platform_labels' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net0/input' - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf te' -c 'int lo' -c ' ip address 10.255.0.1/32' -c '!' -c 'int net0' -c ' ip address 10.0.0.1/24' -c ' ipv6 address 2001::1/64' -c '!' -c 'mpls ldp' -c ' router-id 10.255.0.1' -c ' neighbor 10.255.0.2 password slank' -c ' !' -c ' address-family ipv4' -c ' discovery transport-address 10.255.0.1' -c ' label local advertise explicit-null' -c ' interface net0' -c '!' -c 'ip route 10.255.0.2 10.0.0.2 net0' - name: R2 cmds: - cmd: sh -c 'enable_seg6_router.py | sh' - cmd: sh -c 'echo 100000 > /proc/sys/net/mpls/platform_labels' - cmd: sh -c 'echo 1 > /proc/sys/net/mpls/conf/net0/input' - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf te' -c 'int lo' -c ' ip address 10.255.0.2/32' -c '!' -c 'int net0' -c ' ip address 10.0.0.2/24' -c ' ipv6 address 2001::2/64' -c '!' -c 'mpls ldp' -c ' router-id 10.255.0.2' -c ' neighbor 10.255.0.1 password slank' -c ' !' -c ' address-family ipv4' -c ' discovery transport-address 10.255.0.2' -c ' label local advertise explicit-null' -c ' interface net0' -c '!' -c 'ip route 10.255.0.1 10.0.0.1 net0' test: - name: p2p cmds: - cmd: echo slankdev slankdev - cmd: echo slankdev slankdev ================================================ FILE: examples/basic_mirror/local/spec.yaml ================================================ --- nodes: - name: R1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: M1#net0 } - name: R3 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net1 } - name: M1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net2 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.1.0.1/24 dev net0 - cmd: ip route add default via 10.1.0.2 - name: R2 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: ip link add mon0 type dummy - cmd: ip link set mon0 up ## [EGRESS MIRROR] ## prio match action ## ---- ----- ------ ## 100 any accept - cmd: tc qdisc add dev net0 root handle "10:" prio - cmd: >- tc filter add dev net0 parent "10:" prio 100 protocol all u32 match u32 0 0 flowid 10:1 action mirred egress mirror dev mon0 ## [EGRESS MIRROR] ## prio match action ## ---- -------------- ------ ## 100 tcp sport 2020 deny ## 101 any deny - cmd: tc qdisc add dev net0 root handle "10:" prio - cmd: >- tc filter add dev net0 parent "10:" prio 100 protocol all u32 match ip sport 2020 0xffff flowid 10:1 action pass - cmd: >- tc filter add dev net0 parent "10:" prio 101 protocol all u32 match u32 0 0 flowid 10:1 action mirred egress mirror dev mon0 ## [INGRESS MIRROR] ## prio match action ## ---- ----- ------ ## 100 any accept - cmd: tc qdisc add dev net0 ingress - cmd: >- tc filter add dev net0 parent "ffff:" prio 100 protocol all u32 match u32 0 0 flowid ffff:1 action mirred egress mirror dev mon0 ## [INGRESS MIRROR] ## prio match action ## ---- -------------- ------ ## 100 tcp dport 2020 deny ## 101 any accept - cmd: tc qdisc add dev net0 ingress - cmd: >- tc filter add dev net0 parent "ffff:" prio 100 protocol all u32 match ip dport 2020 0xffff flowid 10:1 action pass - cmd: >- tc filter add dev net0 parent "ffff:" prio 101 protocol all u32 match u32 0 0 flowid ffff:1 action mirred egress mirror dev mon0 ## ANOTHER TIPS # [MATCH] # match ip protocol 6 0xff # match ip src 10.255.1.1/32 # match ip dst 10.255.0.0/24 # match ip sport 2020 0xffff # match ip dport 8080 0xffff # # [CHECK] # tc filter list dev net0 parent 10: # tc filter list dev net0 parent ffff: # tc filter del dev net0 parent 10: # tc filter del dev net0 parent ffff: - name: R3 cmds: - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip route add default via 10.2.0.1 ================================================ FILE: examples/basic_mirror/remote/spec.yaml ================================================ --- nodes: - name: R1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: R4#net0 } - name: R3 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net1 } - name: R4 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net2 } - { name: net1, type: direct, args: R5#net0 } - name: R5 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R4#net1 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.1.0.1/24 dev net0 - cmd: ip route add default via 10.1.0.2 - name: R2 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: ip addr add 10.3.0.1/24 dev net2 - cmd: ip route add 10.4.0.0/24 via 10.3.0.2 # - cmd: ip link add mon0 type dummy # - cmd: ip link set mon0 up # - cmd: "tc qdisc add dev net0 root handle 10: prio" # - cmd: "tc qdisc add dev net0 ingress" # - cmd: "tc filter add dev net0 parent 10: prio 10 protocol all u32 match u32 0 0 flowid 10:1 action mirred egress mirror dev mon0" # - cmd: "tc filter add dev net0 parent ffff: prio 10 protocol all u32 match u32 0 0 flowid ffff:1 action mirred egress mirror dev mon0" - cmd: ip link add mon0 type gretap remote 10.4.0.2 local 10.3.0.1 ttl 10 - cmd: ip link set mon0 up - cmd: "tc qdisc add dev net0 root handle 10: prio" - cmd: "tc filter add dev net0 parent 10: prio 10 protocol all u32 match u32 0 0 flowid 10:1 action mirred egress mirror dev mon0" - cmd: "tc qdisc add dev net0 ingress" - cmd: "tc filter add dev net0 parent ffff: prio 10 protocol all u32 match u32 0 0 flowid ffff:1 action mirred egress mirror dev mon0" - name: R3 cmds: - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip route add default via 10.2.0.1 - name: R4 cmds: - cmd: ip addr add 10.3.0.2/24 dev net0 - cmd: ip addr add 10.4.0.1/24 dev net1 - name: R5 cmds: - cmd: ip addr add 10.4.0.2/24 dev net0 - cmd: ip route add default via 10.4.0.1 - cmd: ip link add mon0 type gretap remote 10.3.0.1 local 10.4.0.2 ttl 10 - cmd: ip link set mon0 up ================================================ FILE: examples/basic_mpls/spec.yaml ================================================ # DESCRIPTION: Basic MPLS Traffic Engneering # TEST: # docker exec C0 ping 192.168.1.2 -I 192.168.0.2 & # docker exec C0 ping 192.168.1.20 -I 192.168.0.20 & # docker exec R5 sysctl -w net.ipv4.ip_forward=0 # # TOPO: # +------+ 10.1. +------+ 10.2. +------+ # | | 0.0/24 .2| |.2 0.0/24 | | # | C0 | +--+net0| R4 |net1+-+ | C1 | # | | | | | | | | # +------+ | +------+ | +------+ # net0 | | net0 # +.2 .20 | | +.2 .20 # | | | | # | | | | # 192.168 | | | | 192.168 # .0.0/24 +.1 +.1 .1+ .1+ .1.0/24 # net1 net2 net2 net1 # +------+ +------+ +------+ +------+ # | |.2 .1| | | |.1 .2| | # | R0 |net0+---+net1| R2 | | R3 |net1+---+net0| R1 | # | | 10.3. | | | | 10.4. | | # +------+ 0.0/24 +------+ +------+ 0.0/24 +------+ # net0 net0 # +.1 .1+ # | | # | | # | | # 10.0. | +------+ |10.0. # 1.0/24| .2| |.2 |2.0/24 # +--+net0| R5 |net1+-+ # | | # +------+ pre_init: - cmds: - cmd: modprobe mpls_router - cmd: modprobe mpls_gso - cmd: modprobe mpls_iptunnel nodes: - name: R0 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net1 } - { name: net1, type: direct, args: C0#net0 } - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R3#net1 } - { name: net1, type: direct, args: C1#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R5#net0 } - { name: net1, type: direct, args: R0#net0 } - { name: net2, type: direct, args: R4#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R5#net1 } - { name: net1, type: direct, args: R1#net0 } - { name: net2, type: direct, args: R4#net1 } - name: R4 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net2 } - { name: net1, type: direct, args: R3#net2 } - name: R5 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - name: C0 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R0#net1 } - name: C1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net1 } node_configs: - name: R0 cmds: - cmd: sysctl -w net.ipv4.ip_forward=1 > /dev/null - cmd: sysctl -w net.mpls.conf.lo.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net0.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net1.input=1 > /dev/null - cmd: sysctl -w net.mpls.platform_labels=1024 > /dev/null - cmd: ip addr add 10.3.0.2/24 dev net0 - cmd: ip addr add 192.168.0.1/24 dev net1 - cmd: ip route add 192.168.1.0/24 via 10.3.0.1 - cmd: ip route add 192.168.1.20/32 encap mpls 100 via inet 10.3.0.1 - name: R1 cmds: - cmd: sysctl -w net.ipv4.ip_forward=1 > /dev/null - cmd: sysctl -w net.mpls.conf.lo.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net0.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net1.input=1 > /dev/null - cmd: sysctl -w net.mpls.platform_labels=1024 > /dev/null - cmd: ip addr add 10.4.0.2/24 dev net0 - cmd: ip addr add 192.168.1.1/24 dev net1 - cmd: ip route add 192.168.0.0/24 via 10.4.0.1 - cmd: ip route add 192.168.0.20/32 encap mpls 200 via inet 10.4.0.1 - name: R2 cmds: - cmd: sysctl -w net.ipv4.ip_forward=1 > /dev/null - cmd: sysctl -w net.mpls.conf.lo.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net0.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net1.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net2.input=1 > /dev/null - cmd: sysctl -w net.mpls.platform_labels=1024 > /dev/null - cmd: ip addr add 10.0.1.1/24 dev net0 - cmd: ip addr add 10.3.0.1/24 dev net1 - cmd: ip addr add 10.1.0.1/24 dev net2 - cmd: ip route add 192.168.0.0/24 via 10.3.0.2 - cmd: ip route add 192.168.1.0/24 via 10.0.1.2 - cmd: ip -f mpls route add 100 via inet 10.1.0.2 - name: R3 cmds: - cmd: sysctl -w net.ipv4.ip_forward=1 > /dev/null - cmd: sysctl -w net.mpls.conf.lo.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net0.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net1.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net2.input=1 > /dev/null - cmd: sysctl -w net.mpls.platform_labels=1024 > /dev/null - cmd: ip addr add 10.0.2.1/24 dev net0 - cmd: ip addr add 10.4.0.1/24 dev net1 - cmd: ip addr add 10.2.0.1/24 dev net2 - cmd: ip route add 192.168.0.0/24 via 10.0.2.2 - cmd: ip route add 192.168.1.0/24 via 10.4.0.2 - cmd: ip -f mpls route add 200 via inet 10.2.0.2 - name: R4 cmds: - cmd: sysctl -w net.ipv4.ip_forward=1 > /dev/null - cmd: sysctl -w net.mpls.conf.lo.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net0.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net1.input=1 > /dev/null - cmd: sysctl -w net.mpls.platform_labels=1024 > /dev/null - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip addr add 10.2.0.2/24 dev net1 - cmd: ip route add 192.168.0.0/24 via 10.1.0.1 - cmd: ip route add 192.168.1.0/24 via 10.2.0.1 - name: R5 cmds: - cmd: sysctl -w net.ipv4.ip_forward=1 > /dev/null - cmd: sysctl -w net.mpls.conf.lo.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net0.input=1 > /dev/null - cmd: sysctl -w net.mpls.conf.net1.input=1 > /dev/null - cmd: sysctl -w net.mpls.platform_labels=1024 > /dev/null - cmd: ip addr add 10.0.1.2/24 dev net0 - cmd: ip addr add 10.0.2.2/24 dev net1 - cmd: ip route add 192.168.0.0/24 via 10.0.1.1 - cmd: ip route add 192.168.1.0/24 via 10.0.2.1 - name: C0 cmds: - cmd: ip addr add 192.168.0.2/24 dev net0 - cmd: ip addr add 192.168.0.20/24 dev net0 - cmd: ip route del default - cmd: ip route add default via 192.168.0.1 - name: C1 cmds: - cmd: ip addr add 192.168.1.2/24 dev net0 - cmd: ip addr add 192.168.1.20/24 dev net0 - cmd: ip route del default - cmd: ip route add default via 192.168.1.1 test: - cmds: - cmd: docker exec C0 ping 192.168.1.2 -I 192.168.0.2 - cmd: docker exec C0 ping 192.168.1.20 -I 192.168.0.20 - cmd: docker exec R5 sysctl -w net.ipv4.ip_forward=0 ================================================ FILE: examples/basic_multipath/README.md ================================================ # Multipath Configuration diagram ``` +-----------+ | R1 | +-----------+ (net0) (net1) | | (net0) (net0) +----+ +----+ | R2 | | R3 || +----+ +----+ (net1) (net1) | | (net0) (net1) +-----------+ | R4 | +-----------+ ``` other multipath config snippets ``` ip route add 1.1.1.1/32 \ nexthop via 10.0.0.1 weight 1 \ nexthop via 10.0.0.2 weight 2 ip route add :: table 10 \ nexthop weight 10 encap seg6 mode encap segs A::,B:: via fe80::1 dev eth0 \ nexthop weight 20 encap seg6 mode encap segs C::,D:: via fe80::2 dev eth0 ip route add :: vrf vrf0 \ nexthop weight 10 encap seg6 mode encap segs A::,B:: via fe80::1 dev eth0 \ nexthop weight 20 encap seg6 mode encap segs C::,D:: via fe80::2 dev eth0 ``` ================================================ FILE: examples/basic_multipath/spec.yaml ================================================ --- nodes: - name: R1 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: direct, args: R2 } - { name: net1, type: direct, args: R3 } sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] - name: R2 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: direct, args: R1 } - { name: net1, type: direct, args: R4 } sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] - name: R3 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: direct, args: R1 } - { name: net1, type: direct, args: R4 } sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] - name: R4 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: direct, args: R2 } - { name: net1, type: direct, args: R3 } sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] node_configs: - name: R1 cmds: - cmd: ip addr add 10.1.0.1/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: pmacctd -f /pmacctd.conf - name: R2 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip addr add 10.2.0.2/24 dev net1 - cmd: pmacctd -f /pmacctd.conf - name: R3 cmds: - cmd: ip addr add 10.1.0.3/24 dev net0 - cmd: ip addr add 10.2.0.3/24 dev net1 - cmd: pmacctd -f /pmacctd.conf - name: R4 cmds: - cmd: ip addr add 10.1.0.4/24 dev net0 - cmd: ip addr add 10.2.0.4/24 dev net1 - cmd: pmacctd -f /pmacctd.conf - name: C1 cmds: - cmd: ip addr add 10.1.0.10/24 dev net0 - cmd: >- ip route replace default nexthop via 10.1.0.1 nexthop via 10.1.0.2 nexthop via 10.1.0.3 nexthop via 10.1.0.4 - cmd: nginx - cmd: iperf3 -s -D - name: C2 cmds: - cmd: ip addr add 10.2.0.10/24 dev net0 - cmd: >- ip route replace default nexthop via 10.2.0.1 nexthop via 10.2.0.2 nexthop via 10.2.0.3 nexthop via 10.2.0.4 - name: C3 cmds: - cmd: ip addr add 10.2.0.11/24 dev net0 - cmd: >- ip route replace default nexthop via 10.2.0.1 nexthop via 10.2.0.2 nexthop via 10.2.0.3 nexthop via 10.2.0.4 test: - name: test cmds: - cmd: docker exec R1 ping - cmd: docker exec R2 pmacct -e -p /tmp/collect.pipe ================================================ FILE: examples/basic_namespace/README.md ================================================ # Namespace Isolation ![](./topo.png) ``` cd path/to/here tn -f spec.blue.yaml upconf | sudo sh tn -f spec.green.yaml upconf | sudo sh docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6d5f9e4d6c51 slankdev/ubuntu:18.04 "/bin/bash" 2 seconds ago Up 1 second green_R2 92210c5eea85 slankdev/ubuntu:18.04 "/bin/bash" 3 seconds ago Up 2 seconds green_R1 48a50568c9c1 slankdev/ubuntu:18.04 "/bin/bash" 7 seconds ago Up 6 seconds blue_R2 86c2c4c9fc52 slankdev/ubuntu:18.04 "/bin/bash" 7 seconds ago Up 7 seconds blue_R1 ``` ================================================ FILE: examples/basic_namespace/spec.blue.yaml ================================================ meta: namespace: blue_ nodes: - name: R1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net0 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - name: R2 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 ================================================ FILE: examples/basic_namespace/spec.green.yaml ================================================ meta: namespace: green_ nodes: - name: R1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net0 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - name: R2 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 ================================================ FILE: examples/basic_napt/spec.yaml ================================================ # DESCRIPTION: NAPT network using FRR # # TOPO: # S0 # (net0).2| # | # WAN:20.0.0.0/24 | # | # (net0).1| # R1(NAPT) # (net1).1| # | # LAN:10.0.0.0/24 | # | # (net0).2| # C0 # # INIT: # cns spec7.yaml init | sudo sh # ./setup7.sh # FINI: # cns spec7.yaml fini | sudo sh # nodes: - name: R0 image: slankdev/frr interfaces: - name: net0 type: direct args: S0#net0 - name: net1 type: direct args: C0#net0 - name: S0 image: slankdev/ubuntu:16.04 interfaces: - name: net0 type: direct args: R0#net0 - name: C0 image: slankdev/ubuntu:16.04 interfaces: - name: net0 type: direct args: R0#net1 node_configs: - name: R0 cmds: - cmd: >- vtysh -c "conf t" -c "interface net0" -c "ip address 20.0.0.1/24" -c "exit" -c "interface net1" -c "ip address 10.0.0.1/24" -c "exit" - cmd: >- iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE - name: S0 cmds: - cmd: ip addr add 20.0.0.2/24 dev net0 - cmd: ip route del default - cmd: ip route add default via 20.0.0.1 - name: C0 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route del default - cmd: ip route add default via 10.0.0.1 test: - cmds: - cmd: docker exec C0 ping -c2 20.0.0.2 - cmd: docker exec -d S0 iperf -s - cmd: docker exec C0 iperf -c 20.0.0.2 ================================================ FILE: examples/basic_netflow/README.md ================================================ # NetFlow/IPFIX using pmacctd ## pmacct ref: https://github.com/linsomniac/pmacct/blob/master/EXAMPLES ``` pmacctd -P print -r 1 -i net0 -c src_host,dst_host pmacctd -P memory -i net0 -c src_host,dst_host pmacctd -P memory -c src_host,dst_host pmacctd -P memory -c src_host,dst_host -D pmacctd -P memory -c src_host,dst_host,proto,src_port,dst_port pmacctd -f /conf.txt pmacct -s -p /tmp/collect.pipe pmacct -s -p /tmp/collect.pipe -O json ``` ``` plugins: memory aggregate: src_host,dst_host,proto,src_port,dst_port plugin_buffer_size: 35200 plugin_pipe_size: 409600000 ``` ## nfcapd/nfdump ``` nfcapd -w -l /tmp -p 2100 ``` ================================================ FILE: examples/basic_netflow/multipath/Makefile ================================================ linkstats: @echo -n "R1:net0 " @docker exec -it R1 sh -c "ip -j -s link show dev net0 | jq '.[0] | [.stats64.rx.packets, .stats64.tx.packets] | @tsv' -r" @echo -n "R2:net0 " @docker exec -it R1 sh -c "ip -j -s link show dev net0 | jq '.[0] | [.stats64.rx.packets, .stats64.tx.packets] | @tsv' -r" @echo -n "R3:net0 " @docker exec -it R3 sh -c "ip -j -s link show dev net0 | jq '.[0] | [.stats64.rx.packets, .stats64.tx.packets] | @tsv' -r" @echo -n "R4:net0 " @docker exec -it R4 sh -c "ip -j -s link show dev net0 | jq '.[0] | [.stats64.rx.packets, .stats64.tx.packets] | @tsv' -r" flowstats: docker exec C3 pmacct -s -p /tmp/collect.pipe reset: docker exec C3 pmacct -e -p /tmp/collect.pipe docker exec R1 pmacct -e -p /tmp/collect.pipe docker exec R2 pmacct -e -p /tmp/collect.pipe docker exec R3 pmacct -e -p /tmp/collect.pipe docker exec R4 pmacct -e -p /tmp/collect.pipe test-iperf: #docker exec -it C2 iperf3 -c 10.1.0.10 -P5 -t 5 docker exec -it C2 iperf3 -c 10.1.0.10 -n 5G test-vegeta: docker exec -it C2 sh -c "cat /vegeta.conf | vegeta attack -keepalive=false -duration=5s | tee results.bin | vegeta report" #docker exec -it C2 sh -c "cat /vegeta.conf | vegeta attack -duration=5s | tee results.bin | vegeta report" ================================================ FILE: examples/basic_netflow/multipath/spec.yaml ================================================ --- nodes: - name: R1 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: bridge, args: B1 } - { name: net1, type: bridge, args: B2 } sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] - name: R2 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: bridge, args: B1 } - { name: net1, type: bridge, args: B2 } sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] - name: R3 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: bridge, args: B1 } - { name: net1, type: bridge, args: B2 } sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] - name: R4 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: bridge, args: B1 } - { name: net1, type: bridge, args: B2 } sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] - name: C1 image: tinynetwork/nginx:develop interfaces: [{ name: net0, type: bridge, args: B1 }] sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] - name: C2 image: tinynetwork/pmacctd:develop interfaces: [{ name: net0, type: bridge, args: B2 }] sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] - name: C3 image: tinynetwork/pmacctd:develop interfaces: [{ name: net0, type: bridge, args: B2 }] sysctls: [{ sysctl: net.ipv4.fib_multipath_hash_policy=1 }] switches: - name: B1 interfaces: - { name: net0, type: container, args: R1 } - { name: net0, type: container, args: R2 } - { name: net0, type: container, args: R3 } - { name: net0, type: container, args: R4 } - { name: net0, type: container, args: C1 } - name: B2 interfaces: - { name: net1, type: container, args: R1 } - { name: net1, type: container, args: R2 } - { name: net1, type: container, args: R3 } - { name: net1, type: container, args: R4 } - { name: net0, type: container, args: C2 } - { name: net0, type: container, args: C3 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.1.0.1/24 dev net0 - cmd: ip addr add 10.2.0.1/24 dev net1 - cmd: pmacctd -f /pmacctd.conf - name: R2 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip addr add 10.2.0.2/24 dev net1 - cmd: pmacctd -f /pmacctd.conf - name: R3 cmds: - cmd: ip addr add 10.1.0.3/24 dev net0 - cmd: ip addr add 10.2.0.3/24 dev net1 - cmd: pmacctd -f /pmacctd.conf - name: R4 cmds: - cmd: ip addr add 10.1.0.4/24 dev net0 - cmd: ip addr add 10.2.0.4/24 dev net1 - cmd: pmacctd -f /pmacctd.conf - name: C1 cmds: - cmd: ip addr add 10.1.0.10/24 dev net0 - cmd: >- ip route replace default nexthop via 10.1.0.1 nexthop via 10.1.0.2 nexthop via 10.1.0.3 nexthop via 10.1.0.4 - cmd: nginx - cmd: iperf3 -s -D - name: C2 cmds: - cmd: ip addr add 10.2.0.10/24 dev net0 - cmd: >- ip route replace default nexthop via 10.2.0.1 nexthop via 10.2.0.2 nexthop via 10.2.0.3 nexthop via 10.2.0.4 - name: C3 cmds: - cmd: ip addr add 10.2.0.11/24 dev net0 - cmd: >- ip route replace default nexthop via 10.2.0.1 nexthop via 10.2.0.2 nexthop via 10.2.0.3 nexthop via 10.2.0.4 #- cmd: nfacctd -f /nfacctd.conf - cmd: nfcapd -l /tmp -p 2100 -t 10 -D postinit: cmds: - cmd: | cat </tmp/pmacctd.conf daemonize: true aggregate: src_host,dst_host,proto,src_port,dst_port logfile: /var/log/pmacctd.log interface: net0 plugin_buffer_size: 3520000 plugin_pipe_size: 409600000 !plugins: memory plugins: nfprobe nfprobe_receiver: 10.2.0.11:2100 nfprobe_version: 9 nfprobe_timeouts: maxlife=1 EOF - cmd: | cat </tmp/nfacctd.conf daemonize: true aggregate: src_host,dst_host,proto,src_port,dst_port nfacctd_port: 2100 plugins: memory EOF - cmd: | cat </tmp/vegeta.conf GET http://10.1.0.10 EOF - cmd: docker cp /tmp/pmacctd.conf R1:/pmacctd.conf - cmd: docker cp /tmp/pmacctd.conf R2:/pmacctd.conf - cmd: docker cp /tmp/pmacctd.conf R3:/pmacctd.conf - cmd: docker cp /tmp/pmacctd.conf R4:/pmacctd.conf - cmd: docker cp /tmp/nfacctd.conf C3:/nfacctd.conf - cmd: docker cp /tmp/vegeta.conf C2:/vegeta.conf test: - name: clear cmds: - cmd: docker exec R1 pmacct -e -p /tmp/collect.pipe - cmd: docker exec R2 pmacct -e -p /tmp/collect.pipe ================================================ FILE: examples/basic_netflow/simple/spec.yaml ================================================ --- nodes: - name: R1 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: R4#net0 } - name: R2 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: direct, args: R1#net0 } - name: R3 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: direct, args: R1#net1 } - name: R4 image: tinynetwork/pmacctd:develop interfaces: - { name: net0, type: direct, args: R1#net2 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.2.0.1/24 dev net0 - cmd: ip addr add 10.3.0.1/24 dev net1 - cmd: ip addr add 10.4.0.1/24 dev net2 - name: R2 cmds: - cmd: ip addr add 10.2.0.2/24 dev net0 - cmd: ip route add default via 10.2.0.1 - name: R3 cmds: - cmd: ip addr add 10.3.0.2/24 dev net0 - cmd: ip route add default via 10.3.0.1 - name: R4 cmds: - cmd: ip addr add 10.4.0.2/24 dev net0 - cmd: ip route add default via 10.4.0.1 ================================================ FILE: examples/basic_netns/spec.yaml ================================================ nodes: - name: H0 type: netns interfaces: - { name: net0, type: direct, args: C0#net0 } - { name: net1, type: direct, args: C1#net0 } - name: C0 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: H0#net0 } - name: C1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: H0#net1 } node_configs: - name: H0 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 10.1.0.1/24 dev net1 - name: C0 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route replace default via 10.0.0.1 - name: C1 cmds: - cmd: ip addr add 10.1.0.2/24 dev net0 - cmd: ip route replace default via 10.1.0.1 test: - cmds: - cmd: echo slankdev ================================================ FILE: examples/basic_nftables/masquerade/README.md ================================================ # nftables study (MASQ) check nft is enabled (m is OK) ``` # cat /boot/config-`uname -r` | grep CONFIG_NF_TABLES CONFIG_NF_TABLES=m CONFIG_NF_TABLES_INET=m CONFIG_NF_TABLES_NETDEV=m CONFIG_NF_TABLES_IPV4=m CONFIG_NF_TABLES_ARP=m CONFIG_NF_TABLES_IPV6=m CONFIG_NF_TABLES_BRIDGE=m ``` - Good reference - https://knowledge.sakura.ad.jp/22636/ - https://www.slideshare.net/s1061123/nftables-the-next-generation-firewall-in-linux ================================================ FILE: examples/basic_nftables/masquerade/spec.yaml ================================================ postinit: - cmds: - cmd: docker cp ../../../tools/http_server.py R3:/usr/bin - cmd: docker cp ../../../tools/echo_server.py R3:/usr/bin nodes: - name: R1 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R3#net0 } - name: R3 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: R2#net1 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: R2 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 20.0.0.1/24 dev net1 - cmd: nft create table ip nat - cmd: nft create chain ip nat prerouting { type nat hook prerouting priority 0 \;} - cmd: nft create chain ip nat postrouting { type nat hook postrouting priority 0 \;} - cmd: nft add rule nat postrouting ip saddr 10.0.0.0/24 oif net1 masquerade - name: R3 cmds: - cmd: ip addr add 20.0.0.2/24 dev net0 - cmd: nohup http_server.py & ================================================ FILE: examples/basic_nftables/snat/README.md ================================================ # nftables study (SNAT) check nft is enabled (m is OK) ``` # cat /boot/config-`uname -r` | grep CONFIG_NF_TABLES CONFIG_NF_TABLES=m CONFIG_NF_TABLES_INET=m CONFIG_NF_TABLES_NETDEV=m CONFIG_NF_TABLES_IPV4=m CONFIG_NF_TABLES_ARP=m CONFIG_NF_TABLES_IPV6=m CONFIG_NF_TABLES_BRIDGE=m ``` - Good reference - https://knowledge.sakura.ad.jp/22636/ - https://www.slideshare.net/s1061123/nftables-the-next-generation-firewall-in-linux ================================================ FILE: examples/basic_nftables/snat/spec.yaml ================================================ postinit: - cmds: - cmd: docker cp ../../../tools/http_server.py R3:/usr/bin - cmd: docker cp ../../../tools/echo_server.py R3:/usr/bin nodes: - name: R1 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: R2#net0 } - name: R2 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R3#net0 } - name: R3 image: slankdev/conntrack:centos-7 interfaces: - { name: net0, type: direct, args: R2#net1 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.2/24 dev net0 - cmd: ip route add default via 10.0.0.1 - name: R2 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 20.0.0.1/24 dev net1 - cmd: nft create table ip nat - cmd: nft create chain ip nat prerouting { type nat hook prerouting priority 0 \;} - cmd: nft create chain ip nat postrouting { type nat hook postrouting priority 0 \;} - cmd: nft add rule nat postrouting ip protocol tcp snat to 20.0.0.1:100-200 - name: R3 cmds: - cmd: ip addr add 20.0.0.2/24 dev net0 - cmd: nohup http_server.py & ================================================ FILE: examples/basic_ospfv2_bird/README.md ================================================ # Multiple OSPFv3 Instance using Bird ![](./topo.png) ``` ``` ================================================ FILE: examples/basic_ospfv2_bird/bird/R1_bird.conf ================================================ router id 10.255.0.1; protocol device { } protocol kernel { learn; export all; import all; } protocol ospf instance_A { router id 10.255.0.1; export all; import all; area 0.0.0.0 { interface "net0" { hello 10; wait 40; type ptp; }; interface "net1" { hello 10; wait 40; type ptp; }; interface "net2" { hello 10; wait 40; type ptp; }; }; } ================================================ FILE: examples/basic_ospfv2_bird/bird/R2_bird.conf ================================================ router id 10.255.0.2; protocol device { } protocol kernel { learn; export all; import all; } protocol ospf instance_A { router id 10.255.0.2; export all; import all; area 0.0.0.0 { interface "net0" { hello 10; wait 40; type ptp; }; interface "net1" { hello 10; wait 40; type ptp; }; }; } ================================================ FILE: examples/basic_ospfv2_bird/bird/R3_bird.conf ================================================ router id 10.255.0.3; protocol device { } protocol kernel { learn; export all; import all; } protocol ospf instance_A { router id 10.255.0.3; export all; import all; area 0.0.0.0 { interface "net0" { hello 10; wait 40; type ptp; }; interface "net1" { hello 10; wait 40; type ptp; }; interface "net2" { hello 10; wait 40; type ptp; }; }; } ================================================ FILE: examples/basic_ospfv2_bird/bird/R4_bird.conf ================================================ router id 10.255.0.4; protocol device { } protocol kernel { learn; export all; import all; } protocol ospf instance_A { router id 10.255.0.4; export all; import all; area 0.0.0.0 { interface "net0" { hello 10; wait 40; type ptp; }; interface "net1" { hello 10; wait 40; type ptp; }; interface "net2" { hello 10; wait 40; type ptp; }; }; } ================================================ FILE: examples/basic_ospfv2_bird/spec.yaml ================================================ postinit: - cmds: - cmd: docker cp bird/R1_bird.conf R1:/etc/bird/bird.conf - cmd: docker cp bird/R2_bird.conf R2:/etc/bird/bird.conf - cmd: docker cp bird/R3_bird.conf R3:/etc/bird/bird.conf - cmd: docker cp bird/R4_bird.conf R4:/etc/bird/bird.conf nodes: - name: R1 image: tmp interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: S1#net0 } - name: R2 image: tmp interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R4#net0 } - name: R3 image: tmp interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R4#net1 } - { name: net2, type: direct, args: S3#net0 } - name: R4 image: tmp interfaces: - { name: net0, type: direct, args: R2#net1 } - { name: net1, type: direct, args: R3#net1 } - { name: net2, type: direct, args: S4#net0 } - name: S1 image: tmp interfaces: - { name: net0, type: direct, args: R1#net2 } - name: S3 image: tmp interfaces: - { name: net0, type: direct, args: R3#net2 } - name: S4 image: tmp interfaces: - { name: net0, type: direct, args: R4#net2 } node_configs: - name: R1 cmds: - cmd: ip addr add 10.0.0.1/30 dev net0 - cmd: ip addr add 10.0.0.9/30 dev net1 - cmd: ip addr add 10.0.0.17/30 dev net2 - cmd: ip addr add 10.255.0.1/32 dev lo - cmd: mkdir -p /run/bird - cmd: bird -c /etc/bird/bird.conf - name: R2 cmds: - cmd: ip addr add 10.0.0.2/30 dev net0 - cmd: ip addr add 10.0.0.13/30 dev net1 - cmd: ip addr add 10.255.0.2/32 dev lo - cmd: mkdir -p /run/bird - cmd: bird -c /etc/bird/bird.conf - name: R3 cmds: - cmd: ip addr add 10.0.0.10/30 dev net0 - cmd: ip addr add 10.0.0.5/30 dev net1 - cmd: ip addr add 10.0.0.21/30 dev net2 - cmd: ip addr add 10.255.0.3/32 dev lo - cmd: mkdir -p /run/bird - cmd: bird -c /etc/bird/bird.conf - name: R4 cmds: - cmd: ip addr add 10.0.0.14/30 dev net0 - cmd: ip addr add 10.0.0.6/30 dev net1 - cmd: ip addr add 10.0.0.25/30 dev net2 - cmd: ip addr add 10.255.0.4/32 dev lo - cmd: mkdir -p /run/bird - cmd: bird -c /etc/bird/bird.conf - name: S1 cmds: - cmd: ip addr add 10.0.0.18/30 dev net0 - cmd: ip route replace default via 10.0.0.17 - name: S3 cmds: - cmd: ip addr add 10.0.0.22/30 dev net0 - cmd: ip route replace default via 10.0.0.21 - name: S4 cmds: - cmd: ip addr add 10.0.0.26/30 dev net0 - cmd: ip route replace default via 10.0.0.25 test: - name: p2p cmds: - cmd: docker exec R1 ping -c2 10.0.0.1 - cmd: docker exec R1 ping -c2 10.0.0.2 - cmd: docker exec R1 ping -c2 10.0.0.9 - cmd: docker exec R1 ping -c2 10.0.0.10 - cmd: docker exec R1 ping -c2 10.0.0.17 - cmd: docker exec R1 ping -c2 10.0.0.18 - cmd: docker exec R2 ping -c2 10.0.0.1 - cmd: docker exec R2 ping -c2 10.0.0.2 - cmd: docker exec R2 ping -c2 10.0.0.13 - cmd: docker exec R2 ping -c2 10.0.0.14 - cmd: docker exec R3 ping -c2 10.0.0.9 - cmd: docker exec R3 ping -c2 10.0.0.10 - cmd: docker exec R3 ping -c2 10.0.0.5 - cmd: docker exec R3 ping -c2 10.0.0.6 - cmd: docker exec R3 ping -c2 10.0.0.21 - cmd: docker exec R3 ping -c2 10.0.0.22 - cmd: docker exec R4 ping -c2 10.0.0.13 - cmd: docker exec R4 ping -c2 10.0.0.14 - cmd: docker exec R4 ping -c2 10.0.0.5 - cmd: docker exec R4 ping -c2 10.0.0.6 - cmd: docker exec R4 ping -c2 10.0.0.25 - cmd: docker exec R4 ping -c2 10.0.0.26 ================================================ FILE: examples/basic_ospfv2_frr/README.md ================================================ # OSPFv2 using FRR ![](./topo.png) ================================================ FILE: examples/basic_ospfv2_frr/spec.yaml ================================================ # DESCRIPTION: OSPF network using FRR # INIT: # cns spec.yaml init | sudo sh # cns spec.yaml conf | sudo sh # cns spec.yaml test | sudo sh # FINI: # cns spec.yaml fini | sudo sh # TOPO: # nodes: - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: S1#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R4#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R4#net1 } - { name: net2, type: direct, args: S3#net0 } - name: R4 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net1 } - { name: net1, type: direct, args: R3#net1 } - { name: net2, type: direct, args: S4#net0 } - name: S1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net2 } - name: S3 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R3#net2 } - name: S4 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R4#net2 } node_configs: - name: S1 cmds: - cmd: ip addr add 10.0.0.18/30 dev net0 - cmd: ip route replace default via 10.0.0.17 - name: S3 cmds: - cmd: ip addr add 10.0.0.22/30 dev net0 - cmd: ip route replace default via 10.0.0.21 - name: S4 cmds: - cmd: ip addr add 10.0.0.26/30 dev net0 - cmd: ip route replace default via 10.0.0.25 - name: R1 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.0.0.1/30 dev net0 - cmd: ip addr add 10.0.0.9/30 dev net1 - cmd: ip addr add 10.0.0.17/30 dev net2 - cmd: >- vtysh -c "conf t" -c "router ospf" -c " network 10.0.0.0/30 area 0" -c " network 10.0.0.8/30 area 0" -c " network 10.0.0.16/30 area 0" - name: R2 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.0.0.2/30 dev net0 - cmd: ip addr add 10.0.0.13/30 dev net1 - cmd: >- vtysh -c "conf t" -c "router ospf" -c " network 10.0.0.0/30 area 0" -c " network 10.0.0.12/30 area 0" - name: R3 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.0.0.10/30 dev net0 - cmd: ip addr add 10.0.0.5/30 dev net1 - cmd: ip addr add 10.0.0.21/30 dev net2 - cmd: >- vtysh -c "conf t" -c "router ospf" -c " network 10.0.0.8/30 area 0" -c " network 10.0.0.4/30 area 0" -c " network 10.0.0.20/30 area 0" - name: R4 cmds: - cmd: /usr/lib/frr/frr start - cmd: ip addr add 10.0.0.14/30 dev net0 - cmd: ip addr add 10.0.0.6/30 dev net1 - cmd: ip addr add 10.0.0.25/30 dev net2 - cmd: >- vtysh -c "conf t" -c "router ospf" -c " network 10.0.0.12/30 area 0" -c " network 10.0.0.4/30 area 0" -c " network 10.0.0.24/30 area 0" test: - cmds: # P2P Link test - cmd: docker exec S1 ping -c2 10.0.0.17 - cmd: docker exec S3 ping -c2 10.0.0.21 - cmd: docker exec S4 ping -c2 10.0.0.25 - cmd: docker exec R1 ping -c2 10.0.0.2 - cmd: docker exec R1 ping -c2 10.0.0.10 - cmd: docker exec R1 ping -c2 10.0.0.18 - cmd: docker exec R2 ping -c2 10.0.0.1 - cmd: docker exec R2 ping -c2 10.0.0.14 - cmd: docker exec R3 ping -c2 10.0.0.9 - cmd: docker exec R3 ping -c2 10.0.0.6 - cmd: docker exec R3 ping -c2 10.0.0.21 - cmd: docker exec R4 ping -c2 10.0.0.13 - cmd: docker exec R4 ping -c2 10.0.0.5 - cmd: docker exec R4 ping -c2 10.0.0.26 ================================================ FILE: examples/basic_ospfv3_bird_multiple_instance/R3_bird6.conf ================================================ router id 10.255.0.3; protocol device dev0 { } protocol kernel ker0 { learn; export all; import all; } table red; protocol kernel ker1 { learn; export all; import all; table red; kernel table 10; } table blu; protocol kernel ker2 { learn; export all; import all; table blu; kernel table 20; } protocol direct dir1 { table red; interface "net0"; interface "net2"; } protocol direct dir2 { table blu; interface "net1"; interface "net3"; } protocol ospf ored { vrf "red"; table red; router id 10.255.0.30; export all; import all; area 0.0.0.0 { interface "net0" { hello 10; wait 40; type ptp; }; interface "net2" { hello 10; wait 40; type ptp; }; }; } protocol ospf oblu { vrf "blu"; table blu; router id 10.255.0.31; export all; import all; area 0.0.0.0 { interface "net1" { hello 10; wait 40; type ptp; }; interface "net3" { hello 10; wait 40; type ptp; }; }; } ================================================ FILE: examples/basic_ospfv3_bird_multiple_instance/README.md ================================================ # OSPFv3 Multiple Instance(VRF) using Bird ![](./topo.png) - the tmp image should include **bird-1.6.6** - also kernel's version can be perform l3mdev ================================================ FILE: examples/basic_ospfv3_bird_multiple_instance/spec.yaml ================================================ postinit: - cmds: - cmd: docker exec R3 mkdir -p /etc/bird - cmd: docker cp R3_bird6.conf R3:/etc/bird/bird6.conf nodes: - name: R1 image: tmp interfaces: - { name: net0, type: direct, args: R3#net0 } - name: R2 image: tmp interfaces: - { name: net0, type: direct, args: R3#net1 } - name: R3 image: tmp interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R2#net0 } - { name: net2, type: direct, args: R4#net0 } - { name: net3, type: direct, args: R4#net1 } - name: R4 image: tmp interfaces: - { name: net0, type: direct, args: R3#net2 } - { name: net1, type: direct, args: R3#net3 } node_configs: - name: R1 cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'int net0' -c ' ipv6 address 2001:111::2/64' -c ' ipv6 ospf6 network point-to-point' -c ' exit' -c 'router ospf6' -c ' ospf6 router-id 10.255.0.1' -c ' interface net0 area 0.0.0.0' -c ' exit' - name: R2 cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'int net0' -c ' ipv6 address 2001:222::2/64' -c ' ipv6 ospf6 network point-to-point' -c ' exit' -c 'router ospf6' -c ' ospf6 router-id 10.255.0.2' -c ' interface net0 area 0.0.0.0' -c ' exit' - name: R3 cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: ip link add red type vrf table 10 - cmd: ip link add blu type vrf table 20 - cmd: ip link set dev red up - cmd: ip link set dev blu up - cmd: ip link set net0 vrf red - cmd: ip link set net2 vrf red - cmd: ip link set net1 vrf blu - cmd: ip link set net3 vrf blu - cmd: ip -6 addr add 2001:111::1/64 dev net0 - cmd: ip -6 addr add 2001:222::1/64 dev net1 - cmd: ip -6 addr add 2001:f10::1/64 dev net2 - cmd: ip -6 addr add 2001:f11::1/64 dev net3 - cmd: mkdir -p /run/bird - cmd: bird6 -c /etc/bird/bird6.conf - name: R4 cmds: - cmd: sh -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: >- vtysh -c 'conf t' -c 'int net0' -c ' ipv6 address 2001:f10::2/64' -c ' ipv6 ospf6 network point-to-point' -c ' exit' -c 'int net1' -c ' ipv6 address 2001:f11::2/64' -c ' ipv6 ospf6 network point-to-point' -c ' exit' -c 'router ospf6' -c ' ospf6 router-id 10.255.0.4' -c ' interface net0 area 0.0.0.0' -c ' interface net1 area 0.0.0.0' -c ' exit' test: - name: p2p cmds: # - cmd: docker exec R1 ping -c2 10.0.0.1 # - cmd: docker exec R1 ping -c2 10.0.0.2 # - cmd: docker exec R2 ping -c2 10.0.0.1 # - cmd: docker exec R2 ping -c2 10.0.0.2 ================================================ FILE: examples/basic_ospfv3_frr/README.md ================================================ # OSPFv3 using FRR ![](./topo.png) ================================================ FILE: examples/basic_ospfv3_frr/spec.yaml ================================================ # DESCRIPTION: OSPF network using FRR # INIT: # cns spec.yaml init | sudo sh # cns spec.yaml conf | sudo sh # cns spec.yaml test | sudo sh # FINI: # cns spec.yaml fini | sudo sh # TOPO: # nodes: - name: R1 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net0 } - { name: net1, type: direct, args: R3#net0 } - { name: net2, type: direct, args: S1#net0 } - name: R2 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net0 } - { name: net1, type: direct, args: R4#net0 } - name: R3 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R1#net1 } - { name: net1, type: direct, args: R4#net1 } - { name: net2, type: direct, args: S3#net0 } - name: R4 image: slankdev/frr interfaces: - { name: net0, type: direct, args: R2#net1 } - { name: net1, type: direct, args: R3#net1 } - { name: net2, type: direct, args: S4#net0 } - name: S1 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R1#net2 } - name: S3 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R3#net2 } - name: S4 image: slankdev/ubuntu:18.04 interfaces: - { name: net0, type: direct, args: R4#net2 } node_configs: - name: S1 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip -6 addr add 2001:11::2/64 dev net0 - cmd: ip -6 route replace default via 2001:11::1 - name: S3 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip -6 addr add 2001:33::2/64 dev net0 - cmd: ip -6 route replace default via 2001:33::1 - name: S4 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: ip -6 addr add 2001:44::2/64 dev net0 - cmd: ip -6 route replace default via 2001:44::1 - name: R1 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: ip -6 addr add 2001:12::1/64 dev net0 - cmd: ip -6 addr add 2001:13::1/64 dev net1 - cmd: ip -6 addr add 2001:11::1/64 dev net2 - cmd: >- vtysh -c "conf t" -c "router ospf6" -c ' ospf6 router-id 10.255.0.1' -c " interface net0 area 0.0.0.0" -c " interface net1 area 0.0.0.0" -c " interface net2 area 0.0.0.0" - name: R2 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: ip -6 addr add 2001:12::2/64 dev net0 - cmd: ip -6 addr add 2001:24::1/64 dev net1 - cmd: >- vtysh -c "conf t" -c "router ospf6" -c ' ospf6 router-id 10.255.0.2' -c " interface net0 area 0.0.0.0" -c " interface net1 area 0.0.0.0" - name: R3 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: ip -6 addr add 2001:13::2/64 dev net0 - cmd: ip -6 addr add 2001:34::1/64 dev net1 - cmd: ip -6 addr add 2001:33::1/64 dev net2 - cmd: >- vtysh -c "conf t" -c "router ospf6" -c ' ospf6 router-id 10.255.0.3' -c " interface net0 area 0.0.0.0" -c " interface net1 area 0.0.0.0" -c " interface net2 area 0.0.0.0" - name: R4 cmds: - cmd: bash -c "enable_seg6_router.py | sh" - cmd: /usr/lib/frr/frr start - cmd: ip -6 addr add 2001:24::2/64 dev net0 - cmd: ip -6 addr add 2001:34::2/64 dev net1 - cmd: ip -6 addr add 2001:44::1/64 dev net2 - cmd: >- vtysh -c "conf t" -c "router ospf6" -c ' ospf6 router-id 10.255.0.4' -c " interface net0 area 0.0.0.0" -c " interface net1 area 0.0.0.0" -c " interface net2 area 0.0.0.0" test: - name: p2p cmds: - cmd: docker exec S1 ping -c2 2001:11::1 - cmd: docker exec S3 ping -c2 2001:33::1 - cmd: docker exec S4 ping -c2 2001:44::1 - cmd: docker exec R1 ping -c2 2001:12::1 - cmd: docker exec R1 ping -c2 2001:12::2 - cmd: docker exec R1 ping -c2 2001:13::1 - cmd: docker exec R1 ping -c2 2001:13::2 - cmd: docker exec R1 ping -c2 2001:11::1 - cmd: docker exec R1 ping -c2 2001:11::2 - cmd: docker exec R2 ping -c2 2001:12::1 - cmd: docker exec R2 ping -c2 2001:12::2 - cmd: docker exec R2 ping -c2 2001:24::1 - cmd: docker exec R2 ping -c2 2001:24::2 - cmd: docker exec R3 ping -c2 2001:13::1 - cmd: docker exec R3 ping -c2 2001:13::2 - cmd: docker exec R3 ping -c2 2001:34::1 - cmd: docker exec R3 ping -c2 2001:34::2 - cmd: docker exec R3 ping -c2 2001:33::1 - cmd: docker exec R3 ping -c2 2001:33::2 - cmd: docker exec R4 ping -c2 2001:24::1 - cmd: docker exec R4 ping -c2 2001:24::2 - cmd: docker exec R4 ping -c2 2001:34::1 - cmd: docker exec R4 ping -c2 2001:34::2 - cmd: docker exec R4 ping -c2 2001:44::1 - cmd: docker exec R4 ping -c2 2001:44::2 ================================================ FILE: examples/basic_pbr/spec.yaml ================================================ postinit: - cmds: - cmd: | cat < /tmp/Corefile .:53 { forward . 8.8.8.8 log errors cache } EOF - cmd: docker cp /tmp/Corefile S1:/Corefile nodes: - name: S1 image: slankdev/coredns:centos-7 net_base: bridge interfaces: - { name: net0, type: direct, args: HV1#net0 } - { name: net1, type: direct, args: HV1#net1 } - name: HV1 image: slankdev/coredns:centos-7 interfaces: - { name: net0, type: direct, args: S1#net0 } - { name: net1, type: direct, args: S1#net1 } node_configs: - name: S1 cmds: - cmd: ip addr add 10.0.0.10/24 dev net0 - cmd: ip addr add 10.0.0.11/24 dev net1 - cmd: ip rule add prio 100 from 10.0.0.11 table 300 - cmd: ip route add default via 10.0.0.1 dev net1 table 300 - cmd: nohup coredns -conf /Corefile & - name: HV1 cmds: - cmd: ip addr add 10.0.0.1/24 dev net0 - cmd: ip addr add 10.0.0.1/24 dev net1 - cmd: ip route add 10.0.0.10/32 dev net0 - cmd: ip route add 10.0.0.11/32 dev net1 ================================================ FILE: examples/basic_peer/spec.yaml ================================================ precmd: - cmds: - cmd: export IMAGE=slankdev/frr:centos-7-stable-7.0 nodes: - name: R0 image: $IMAGE interfaces: - { name: net0, type: direct, args: R1#net0 } - name: R1 image: $IMAGE interfaces: - { name: net0, type: direct, args: R0#net0 } node_configs: - name: R0 cmds: - cmd: sh -c 'enable_seg6_router.py | sh' - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 1" -c " bgp router-id 1.1.1.1" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " redistribute kernel" -c " exit-address-family" - name: R1 cmds: - cmd: sh -c 'enable_seg6_router.py | sh' - cmd: /usr/lib/frr/frrinit.sh start - cmd: >- vtysh -c "conf t" -c "router bgp 2" -c " bgp router-id 2.2.2.2" -c " bgp bestpath as-path multipath-relax" -c " bgp bestpath compare-routerid" -c " neighbor FABRIC peer-group" -c " neighbor FABRIC remote-as external" -c " neighbor FABRIC capability extended-nexthop" -c " neighbor net0 interface peer-group FABRIC" -c " !" -c " address-family ipv4 unicast" -c " redistribute connected" -c " redistribute kernel" -c " exit-address-family" ================================================ FILE: examples/basic_pim/README.md ================================================ # PIM Multicast Test multicast test ``` iperf -u -s -B 239.1.1.5 -i 1 iperf -u -c 239.1.1.5 -i -T -t