Use SaltStack's peeringdb module to generate BGP peer information

maznu commented 4 years ago

Use the peeringdb.get_net function to retrieve:

name for the name of the peer network as part of the neighbor 192.0.2.1 description
info_prefixes4 and info_prefixes6 to auto-populate
irr_as_set to generate auto-AS-ASSETNAME prefix-lists and apply them to the peer

And use peeringdb.get_netixlan module with asn= and ixlan= to fetch all potential peers:

asn to pre-populate the remote-as
name of the IX as part of the neighbor 192.0.2.1 description
ipaddr4 and ipaddr6 for the peer router addresses

This could then auto-build the configuration for the peers, for example:

policy:
    prefix-list:
        auto-AS-BBC:
            bgpq3:
                IPv4: AS-BBC
                IPv6: AS-BBC

protocols:
    bgp:
        41495:
            neighbor:
                "195.66.224.103":
                    remote-as: 2818
                    description: AS2818 (BBC) @ LINX LON1
                    address-family:
                        ipv4-unicast:
                            maximum-prefix: 100
                            prefix-list:
                                export: auto-AS-FAELIX
                                import: auto-AS-BBC
                            route-map:
                                import: LINXLON1-in-IPv4
                                export: TRANSIT-out-IPv4
                            soft-reconfiguration:
                                - inbound
                "2001:7f8:4::b02:1":
                    remote-as: 2818
                    description: AS2818 (BBC) @ LINX LON1
                    address-family:
                        ipv6-unicast:
                            maximum-prefix: 100
                            prefix-list:
                                export: auto-AS-FAELIX
                                import: auto-AS-BBC
                            route-map:
                                import: LINXLON1-in-IPv6
                                export: TRANSIT-out-IPv6
                            soft-reconfiguration:
                                - inbound

Becomes:

protocols:
    bgp:
        41495:
            neighbor:
                # other non-PeeringDB neighbors

            peeringdb:
                default:
                        ipv4-unicast:
                            prefix-list:
                                export: auto-AS-FAELIX
                                import: hphr-DFZ-IPv4
                            route-map:
                                export: TRANSIT-out-IPv4
                        ipv6-unicast:
                            prefix-list:
                                export: auto-AS-FAELIX
                                import: hphr-DFZ-IPv6
                            route-map:
                                export: TRANSIT-out-IPv6
                ix:
                    LINX LON1:
                        peeringdb_ixlan: 1927
                        asn:
                            2818: # BBC
                                  # to override anything on a per-AF basis
                                  address-family:
                                      ipv4-unicast:
                                          default-originate: True # XXX don't do in prod :)
                                  # to override anything on a per-neighbor basis
                                  neighbor:
                                      "195.66.224.103":
                                          password: letmepeer

maznu commented 4 years ago

Blocked: current versions of VyOS 1.3 do not appear to support the peeringdb module :(

salt@teleport:~/hphr/pillar$ salt dekker.d.faelix.net peeringdb.get_netixlan asn=41495 ixlan=1927
dekker.d.faelix.net:
    'peeringdb.get_netixlan' is not available.
ERROR: Minions returned with non-zero exit code

maznu commented 4 years ago

This was added to VyOS in vyos-1.3-rolling-202004261005-amd64.iso and confirmed as working:

salt@teleport:~/hphr/salt$ salt coudreau.e.faelix.net peeringdb.get_netixlan asn=41495 ixlan=1927
coudreau.e.faelix.net:
    ----------
    comment:
    out:
        |_
          ----------
          asn:
              41495
          created:
              2019-04-08T08:53:20Z
          id:
              48703
          ipaddr4:
              185.1.101.32
          ipaddr6:
              2001:7f8:bc::4:1495:1
          is_rs_peer:
              True
          ix_id:
              1927
          ixlan_id:
              1927
          name:
              Equinix Manchester: Equinix IX - MA Metro
          net_id:
              1947
          notes:
          operational:
              True
          speed:
              1000
          status:
              ok
          updated:
              2020-02-19T04:08:28Z
    result:
        True

faelix / hphr

Use SaltStack's peeringdb module to generate BGP peer information #5