Basic ipv6 support #112
Open
Basic ipv6 support #112
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sebageek
force-pushed
the
basic-ipv6-support
branch
from
d9c6833 to
950e4d6
Compare
sebageek
force-pushed
the
basic-ipv6-support
branch
2 times, most recently
from
f360938 to
d2ffc25
Compare
sebageek
force-pushed
the
basic-ipv6-support
branch
2 times, most recently
from
0f3dfc5 to
c7f8e1f
Compare
In VBInterface.postflight() we only need to call _update(), as we're already scoped to a router (and have a context).
With this patch we're supporting IPv6 partly in our infrastructure, at least for internal networks. This enables the v6 address family on our VRFs (if there is an IPv6 subnet connected to the router) and we configure IPv6 addresses on interfaces where needed. For BGPVPN we currently skip all v6 subnets. For extraroutes there is still testing to be done.
We can now configure IPv6 routes on our hardware routers, including default gateways. As we now return an empty dict if there are no routes we should no longer see any route diffs when the router has no default route configured.
Support announcing internal IPv6 CIDRs via BGPVPN, if we have them. This does not yet support route-targets / route-maps inside VRFs.
For our external prefixes we need support for IPv6 prefix lists.
We now support setting route-targets and export maps on the v6 address-family.
Route Maps can now reference IPv6 prefix lists. We also did some maintenance on the RouteMap class, like removing the unused enable_bgp flag and making sure that specifying both prefix_list and access_list don't override each other's match conditions (though this hasn't been used so far). As we don't know yet how we'll transport IPv6 prefixes from ACI/EVPN to our routers we'll for now leave the RoutePrefix to be v4 only and don't reference it for v6 addresses. Once we know how that part of the infra is going to work we'll fill it with life!
With the introduction of the new prefix list yang model in c626065 we also needed to introduce a cleanup method in preflight() that cleans up stale entries of a prefix list. This removal did not work properly, as we provided a seq as a string (number), while the Prefix class expects a PrefixSeq yang model. Therefore the cleanup in preflight failed with: AttributeError: asr1k_neutron_l3.models.netconf_yang.prefix in to_delete_dict 'str' object has no attribute 'no' When we convert the prefix list to a proper model, cleanup works.
We can now configure external interfaces with IPv6, including DAPNet support. This includes a rework of how the Router() class handles IP addresses and offers route redistribution via route-maps + prefix lists instead of explicit network statements. The InterfaceList now has three new methods to get the list of IPs for a router that are external, internal or routable. Routable IPs are defined as the list of internal IPs where the address scope of the subnet matches the address scope of the gateway (external) interface. The BGP AddressFamily class now supports advertising of routes via route-map. This means we have a route-map, which references prefix lists that contain routable and internal IPs + their extra routes. For routable IPs and their extraroutes we set a route target: routable IPs get the cloud vrf's id, routable extraroutes have a prepended 1 to the vrf id. This is very much the same as it is currently handled on the device, though the config was pre-provisioned and only referenced via route-maps on the respective network statements. This feature is currently only enabled for IPv6 default and can be enabled for IPv4 with the config option advertise_bgp_ipv4_routes_via_redistribute. The reason of doing this is that editing the BGP config tree currently locks up the whole device config due to requiring a full config resync. Prefix lists referenced by route-maps that do not contain any prefix don't appear as config on the device. The referencing route-map treats non-existing prefix-lists as "always matching". As our expectation of how this would work was empty prefix-list means "no match", we now have to adjust our expectations of this feature and always add an entry if the list would be empty otherwise. This is done via add_deny_if_empty, which adds a deny for everything. The seq 4242 was deliberately chosen to not collide with any of our existing rules, not because we saw any problems with this, but because we didn't want to end up in a situation where the device locks up because "there is already a rule with that seq", even though we generally think this should work.
sebageek
force-pushed
the
basic-ipv6-support
branch
from
c7f8e1f to
a8b064c
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There is still some testing to be done. Also, the tests are not yet complete