bibigon812 / bibigon812-quagga Goto Github PK

Didn't find any way to do distribute-lists in OSPF, maybe I'm just missing it or it is in the pipes but I managed to get it somewhat working (not sure about removing them): https://github.com/clxnetom/bibigon812-quagga/tree/ospf-distribute-list#ospf-distribute-lists

router ospf
distribute-list acl out kernel

I was looking for an option to setup bgpd to log to a file or stdout, it seems like there isn't one for that or any other daemons. Is this something that could be added?

node mynode {             
  class { 'quagga':            
    service_file => '/etc/sysconfig/frr',
  }
}

This is what I am getting:

root@mynode:~$ service frr status
● frr.service - FRRouting
Loaded: loaded (/lib/systemd/system/frr.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Mon 2018-12-10 21:56:25 EST; 11h ago

Dec 10 21:56:25 mynode frr[23539]: Starting Frr daemons (prio:10):.
Dec 10 21:56:25 mynode frr[23539]: Exiting: failed to connect to any daemons.
Dec 10 21:56:25 mynode frr[23539]: Exiting from the script
Dec 10 21:56:25 mynode frr[23555]: Stopping Frr monitor daemon: (watchfrr).
Dec 10 21:56:25 mynode frr[23555]: Stopping Frr daemons (prio:0): (zebra) (bgpd) (ripd) (ripngd) (ospfd) (ospf6d)
Dec 10 21:56:25 mynode frr[23555]: Stopping other frr daemons..
Dec 10 21:56:25 mynode frr[23555]: Removing remaining .vty files.
Dec 10 21:56:25 mynode frr[23555]: Removing all routes made by FRR.
Dec 10 21:56:25 mynode frr[23555]: Exiting from the script
Dec 10 21:56:25 mynode systemd[1]: Started FRRouting.

It seems like no daemon is being enabled. I can't find in the code any statement that updates /etc/frr/daemons. Am I meant to do that or there's something wrong with the module (or my code above)?

I'm trying to use the quagga function to summarize a prefix and substitute it with another prefix (as described here: http://www.nongnu.org/quagga/docs/docs-multi/OSPF-area.html), but is seems this isn't possible today.

Example:

router ospf
   ospf router-id 172.16.26.25
   log-adjacency-changes detail
   network 192.168.14.0/24 area 0.0.0.121
   area 0.0.0.121 range 192.168.14.2/32 substitute 192.168.14.0/24

Would it be possible to add this without too much effort?

I cannot find any way to create and remove access lists using this modul. Is this something that is in the pipes?

access-list 1 remark IP Standard access list
access-list 1 permit host 127.0.0.1
access-list 1 deny any
access-list 100 remark IP extended access list
access-list 100 permit 192.168.0.0 0.0.0.255 any
access-list 100 deny any any

I am working on adding it locally but it is an ugly hack ...

PS. Thanks for the static routes and passive interfaces in OSPF, great job!

I have a bit of an issue when I intentionally set quagga::zebra::service_ensure to 'stopped'.

Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: /Stage[main]/Quagga/Resources[quagga_prefix_list]: Failed to generate additional resources using 'generate': Execution of '/usr/bin/vtysh -c show running-config' returned 1: Exiting: failed to conn
ect to any daemons.
Error: /Stage[main]/Quagga/Resources[quagga_route_map]: Failed to generate additional resources using 'generate': Execution of '/usr/bin/vtysh -c show running-config' returned 1: Exiting: failed to connec
t to any daemons.

as well as errors like

Error: Failed to apply catalog: Execution of '/usr/bin/vtysh -c show running-config' returned 1: Exiting: failed to connect to any daemons.

I would like to move the global_opts, route_maps and prefix_lists options to quagga::zebra since they anyway require zebra to be up and running in order to work.

If there are no objections, I will open a PR for it.

Hi Mr @bibigon812
May I know which quagga version should I use for puppet version puppet-3.8.7 please
Thanks so much

@m4ce What are you think about BGP, AF and neighbours? I don't like what's written below, but I couldn't think of anything better.

# bgp router parameters
quagga::bgp::router:
    65000:
        import_check: true
        default_ipv4_unicast: false
        router_id: 10.255.255.1
        redistribute:
            - ospf route-map BGP_FROM_OSPF
        address_family:
            ipv4_unicast:
                maximum_ebgp_paths: 2
                maximum_ibgp_paths: 10
                networks:
                    - 1.1.1.0/24
                    - 1.1.2.0/24
            ipv4_multicast:
                networks:
                    - 230.0.0.0/24
                    - 230.0.255.0/24
            ipv6_unicast:
                networks:
                    - 1::/64
                    - 2::/64

# bgp peer parameters
quagga::bgp::peers:
    CLIENTS:
        passive: true
        peer_group: true
        address_family:
            ipv4_unicast:
                activate: true
    INTERNAL:
        local_as: 65000
        peer_group: true
        remote_as: 65000
        shutdown: false
        update_source: 192.168.0.1
        address_family:
            ipv4_unicast:
                activate: true
                alliw_as_in: 1
                next_hop_self: true
    172.16.0.2:
        remote_as: 65001
        address_family:
            ipv4_unicast:
                activate: true
    192.168.0.2:
        peer_group: INTERNAL
        address_family:
            ipv4_unicast:
                activate: true
            ipv4_multicast:
                activate: true
            ipv6_unicast:
                activate: true

I guess the newly quagga_interface type can manage this too.

If route_map has been changed bgp_neighbor must soft clear the session.

I am working on helping the networking team move the quagga configuration into Puppet. I am working on providing static routes and passive interfaces in OSPF (these are the two requirements I cannot seem to solve with the module out of the box).

I am getting there but I am pretty new at developing modules so while code reuse from other types/providers is a real help I am not sure if it is at as high quality as the rest of the module. This being said - is this something that you would like to merge into this module or have you decided not to have these features?

Unable to encrypt BGP sessions (BGP passwords cannot be set)

There appears to be a bug in the quagga_logging type, where it constantly tries to set the log method on the host to an empty string instead of syslog. A quick read of the code seems to show that the provider is using a symbol, and that the symbol isn't getting coerced to a string correctly.

Error messages look like:

Could not evaluate: Execution of '/usr/bin/vtysh -c configure terminal -c log -c end -c write memory' returned 1: % Command incomplete.

The correct command should look like: /usr/bin/vtysh -c configure terminal -c log syslog -c end -c write memory

Environment

$puppet --version
7.17.0
$ uname -a
Linux foreman.hpwren.ucsd.edu 3.10.0-1160.71.1.el7.x86_64 #1 SMP Tue Jun 28 15:37:28 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
$ cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)

Module version: 4.4.0 (latest on forge)

Test code

Puppet

include 'quagga'

Hiera

# using defaults

Only IPv4 is supported, as for v6 you need to use "ipv6 address" instead of "ip address" on the Quagga CLI.

I looked at the code but unfortunately it's currently out of my league: it's done efficiently with mapping and templates - I have no idea how to make this work for different address families without introducing an entirely new ip6_address parameter (it would be a lot more elegant if this would work transparently).

We should support things like:

area 0.0.0.1 authentication message-digest
area 0.0.0.1 stub no-summary

@bibigon812 Are you still working on this module?
@bastelfreak should we migrate to voxpupuli?