bibigon812 / bibigon812-quagga Goto Github PK
View Code? Open in Web Editor NEWThis puppet module manages dynamic routing protocols.
Home Page: https://forge.puppet.com/bibigon812/quagga
License: Apache License 2.0
This puppet module manages dynamic routing protocols.
Home Page: https://forge.puppet.com/bibigon812/quagga
License: Apache License 2.0
Didn't find any way to do distribute-lists in OSPF, maybe I'm just missing it or it is in the pipes but I managed to get it somewhat working (not sure about removing them): https://github.com/clxnetom/bibigon812-quagga/tree/ospf-distribute-list#ospf-distribute-lists
router ospf
distribute-list acl out kernel
I was looking for an option to setup bgpd to log to a file or stdout, it seems like there isn't one for that or any other daemons. Is this something that could be added?
node mynode {
class { 'quagga':
service_file => '/etc/sysconfig/frr',
}
}
This is what I am getting:
root@mynode:~$ service frr status
โ frr.service - FRRouting
Loaded: loaded (/lib/systemd/system/frr.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Mon 2018-12-10 21:56:25 EST; 11h ago
Dec 10 21:56:25 mynode frr[23539]: Starting Frr daemons (prio:10):.
Dec 10 21:56:25 mynode frr[23539]: Exiting: failed to connect to any daemons.
Dec 10 21:56:25 mynode frr[23539]: Exiting from the script
Dec 10 21:56:25 mynode frr[23555]: Stopping Frr monitor daemon: (watchfrr).
Dec 10 21:56:25 mynode frr[23555]: Stopping Frr daemons (prio:0): (zebra) (bgpd) (ripd) (ripngd) (ospfd) (ospf6d)
Dec 10 21:56:25 mynode frr[23555]: Stopping other frr daemons..
Dec 10 21:56:25 mynode frr[23555]: Removing remaining .vty files.
Dec 10 21:56:25 mynode frr[23555]: Removing all routes made by FRR.
Dec 10 21:56:25 mynode frr[23555]: Exiting from the script
Dec 10 21:56:25 mynode systemd[1]: Started FRRouting.
It seems like no daemon is being enabled. I can't find in the code any statement that updates /etc/frr/daemons. Am I meant to do that or there's something wrong with the module (or my code above)?
I'm trying to use the quagga function to summarize a prefix and substitute it with another prefix (as described here: http://www.nongnu.org/quagga/docs/docs-multi/OSPF-area.html), but is seems this isn't possible today.
Example:
router ospf
ospf router-id 172.16.26.25
log-adjacency-changes detail
network 192.168.14.0/24 area 0.0.0.121
area 0.0.0.121 range 192.168.14.2/32 substitute 192.168.14.0/24
Would it be possible to add this without too much effort?
I cannot find any way to create and remove access lists using this modul. Is this something that is in the pipes?
access-list 1 remark IP Standard access list
access-list 1 permit host 127.0.0.1
access-list 1 deny any
access-list 100 remark IP extended access list
access-list 100 permit 192.168.0.0 0.0.0.255 any
access-list 100 deny any any
I am working on adding it locally but it is an ugly hack ...
PS. Thanks for the static routes and passive interfaces in OSPF, great job!
I have a bit of an issue when I intentionally set quagga::zebra::service_ensure to 'stopped'.
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: /Stage[main]/Quagga/Resources[quagga_prefix_list]: Failed to generate additional resources using 'generate': Execution of '/usr/bin/vtysh -c show running-config' returned 1: Exiting: failed to conn
ect to any daemons.
Error: /Stage[main]/Quagga/Resources[quagga_route_map]: Failed to generate additional resources using 'generate': Execution of '/usr/bin/vtysh -c show running-config' returned 1: Exiting: failed to connec
t to any daemons.
as well as errors like
Error: Failed to apply catalog: Execution of '/usr/bin/vtysh -c show running-config' returned 1: Exiting: failed to connect to any daemons.
I would like to move the global_opts, route_maps and prefix_lists options to quagga::zebra since they anyway require zebra to be up and running in order to work.
If there are no objections, I will open a PR for it.
Hi Mr @bibigon812
May I know which quagga version should I use for puppet version puppet-3.8.7 please
Thanks so much
@m4ce What are you think about BGP, AF and neighbours? I don't like what's written below, but I couldn't think of anything better.
# bgp router parameters
quagga::bgp::router:
65000:
import_check: true
default_ipv4_unicast: false
router_id: 10.255.255.1
redistribute:
- ospf route-map BGP_FROM_OSPF
address_family:
ipv4_unicast:
maximum_ebgp_paths: 2
maximum_ibgp_paths: 10
networks:
- 1.1.1.0/24
- 1.1.2.0/24
ipv4_multicast:
networks:
- 230.0.0.0/24
- 230.0.255.0/24
ipv6_unicast:
networks:
- 1::/64
- 2::/64
# bgp peer parameters
quagga::bgp::peers:
CLIENTS:
passive: true
peer_group: true
address_family:
ipv4_unicast:
activate: true
INTERNAL:
local_as: 65000
peer_group: true
remote_as: 65000
shutdown: false
update_source: 192.168.0.1
address_family:
ipv4_unicast:
activate: true
alliw_as_in: 1
next_hop_self: true
172.16.0.2:
remote_as: 65001
address_family:
ipv4_unicast:
activate: true
192.168.0.2:
peer_group: INTERNAL
address_family:
ipv4_unicast:
activate: true
ipv4_multicast:
activate: true
ipv6_unicast:
activate: true
I guess the newly quagga_interface type can manage this too.
If route_map has been changed bgp_neighbor must soft clear the session.
I am working on helping the networking team move the quagga configuration into Puppet. I am working on providing static routes and passive interfaces in OSPF (these are the two requirements I cannot seem to solve with the module out of the box).
I am getting there but I am pretty new at developing modules so while code reuse from other types/providers is a real help I am not sure if it is at as high quality as the rest of the module. This being said - is this something that you would like to merge into this module or have you decided not to have these features?
Unable to encrypt BGP sessions (BGP passwords cannot be set)
There appears to be a bug in the quagga_logging
type, where it constantly tries to set the log method on the host to an empty string instead of syslog
. A quick read of the code seems to show that the provider is using a symbol, and that the symbol isn't getting coerced to a string correctly.
Error messages look like:
Could not evaluate: Execution of '/usr/bin/vtysh -c configure terminal -c log -c end -c write memory' returned 1: % Command incomplete.
The correct command should look like: /usr/bin/vtysh -c configure terminal -c log syslog -c end -c write memory
$puppet --version
7.17.0
$ uname -a
Linux foreman.hpwren.ucsd.edu 3.10.0-1160.71.1.el7.x86_64 #1 SMP Tue Jun 28 15:37:28 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
$ cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
Module version: 4.4.0 (latest on forge)
include 'quagga'
# using defaults
Only IPv4 is supported, as for v6 you need to use "ipv6 address" instead of "ip address" on the Quagga CLI.
I looked at the code but unfortunately it's currently out of my league: it's done efficiently with mapping and templates - I have no idea how to make this work for different address families without introducing an entirely new ip6_address parameter (it would be a lot more elegant if this would work transparently).
We should support things like:
area 0.0.0.1 authentication message-digest
area 0.0.0.1 stub no-summary
@bibigon812 Are you still working on this module?
@bastelfreak should we migrate to voxpupuli?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.