RtConfig
Section: User Commands (1)
Updated: local
NAME
RtConfig
SYNOPSIS
RtConfig
[flags]
DESCRIPTION
RtConfig analyzes the routing policies registered
in the Internet Routing Registry (IRR)
and produces router configuration files.
It supports cisco, junos, nortel/bay, gated and RSd router configuration file
formats.
RtConfig reads lines from the standard input,
and prints them to the standard output,
except for the lines that start with "@RtConfig",
which instruct RtConfig to perform special operations
(please see the "RtConfig COMMANDS" section below).
RtConfig establishes a whois connection to query IRR.
IRRToolSet COMMON OPTIONS
-
- -help
-
Print summary of command-line options and abort.
- -T [whois_query | whois_response | input | all]
-
Trace the argument. Useful for debugging.
- -D <integer>
-
Print debugging messages of debug channel <integer>
(if compiled with DEBUG defined).
- -version
-
Print the version number and quit.
- -h <host-name>
-
Establish a whois connection to host <host-name>.
The default is whois.radb.net.
- -p <port-no>
-
Establish a whois connection to port <port-no>.
The default is 43.
- -protocol <protocol>
-
Use the <protocol> to connect to the IRR server. <protocol> can be irrd(rawhoisd), ripe(bird), and ripe_perl. The default is irrd. The ripe_perl option should be used with the old ripe server.
- -s <source-list>
-
Consider the sources specified in the comma separated <source-list>.
If an object is defined in multiple sources in <source-list>,
RtConfig uses the definition first encountered in <source-list>
from left to right.
- -f <file-name>
-
IRR cache file. You can have any RPSL object in this file, except route
objects.
They will override these objects in IRR.
This option is intended for private objects, or to test new public objects
before publishing.
- -rusage
-
Print resource usage upon completion.
- -prompt <new-prompt>
-
Change the prompt to <new-prompt> when invoked interactively. By default
the prompt is "RtConfig> ".
- -ignore_errors
-
Do not print error and warning messages due to communication to the
database server or parsing policy objects.
- -report_errors
-
Print error and warning messages due to communication to the
database server or parsing policy objects.
OTHER OPTIONS
-
- -config <config-format>
-
Produce router configuration in <config-format>
which is either cisco (default), junos, bcc (for bay), gated or rsd.
- -no_match_ip_inbound
-
In older Cisco IOS versions,
in-bound route maps did not support ip access-list matches.
Use of this option causes RtConfig to use distribute-lists to overcome
this limitation.
- -disable_access_list_cache
-
RtConfig caches the access-lists (and in the future ip as-path
access-lists and route-maps) that it generates so that the same
access-list number can be reused instead of generating a new access list.
If you do not want RtConfig to consume much memory,
-disable_access_list_cache option can be used to turn off this feature.
However,
if you are short on memory on your cisco box,
you should leave this feature enabled.
- -supress_martian
-
This option only affects cisco configurations.
All access lists generated will deny the following routes:
host 0.0.0.0 any
127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
128.0.0.0 0.0.255.255 255.255.0.0 0.0.255.255
191.255.0.0 0.0.255.255 255.255.0.0 0.0.255.255
192.0.0.0 0.0.0.255 255.255.255.0 0.0.0.255
223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
any 255.255.255.128 0.0.0.127
- -cisco_no_compress_acls
-
This option only affects cisco configurations.
This option is used to disable combining multiple cisco access list lines
into a single line using wildcards whenever possible.
- -cisco_use_prefix_lists
-
This option only affects cisco configurations.
This option instructs RtConfig to output prefix-lists which yield higher
performance than access-lists. This flag implies -cisco_compress_acls.
- -cisco_eliminate_dup_map_parts
-
This option only affects cisco configurations.
This option instructs RtConfig to eliminate a later map part if its filter
is covered by earlier map parts.
- -cisco_skip_route_maps
-
This option only affects cisco configurations.
This option instructs RtConfig not to print route maps,
hence it only prints access lists.
- -cisco_force_tilda
-
This option only affects cisco configurations. It forces * and + operators
in AS path regular expressions to be interpreted as ~* and ~+ operators.
This is useful if you get AS path access lists with really long lines; it
will force them onto multiple lines.
- -cisco_empty_lists
-
This option only affects Cisco configurations. It forces interpreting ANY/NOT ANY prefix filters as the universal/empty set of prefixes, and produces access lists for them. By default only a warning is issued.
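The -supress_martian deny list above, evaluated in code (an added example, not part of RtConfig or its distribution): each entry is read as a Cisco extended ACL line whose first address/wildcard pair matches the route's network address and whose second pair matches its netmask. The names parse_acl and martian_rule and the prefixes in the demo are assumptions.

```python
import ipaddress

# Deny entries copied from the -supress_martian list on this page.
MARTIAN_ACL = """\
host 0.0.0.0 any
127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
128.0.0.0 0.0.255.255 255.255.0.0 0.0.255.255
191.255.0.0 0.0.255.255 255.255.0.0 0.0.255.255
192.0.0.0 0.0.0.255 255.255.255.0 0.0.0.255
223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
any 255.255.255.128 0.0.0.127
"""
ALL_BITS = 0xFFFFFFFF


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def _take(tokens):
    """Consume one ACL address spec and return (value, wildcard)."""
    head = tokens.pop(0)
    if head == "any":            # every bit is "don't care"
        return 0, ALL_BITS
    if head == "host":           # exact match on the next address
        return _ip(tokens.pop(0)), 0
    return _ip(head), _ip(tokens.pop(0))


def parse_acl(text):
    """Turn ACL lines into (line, network_spec, netmask_spec) tuples."""
    rules = []
    for line in text.splitlines():
        tokens = line.split()
        if tokens:
            rules.append((line.strip(), _take(tokens), _take(tokens)))
    return rules


def _matches(value, spec):
    want, wildcard = spec
    care = ALL_BITS & ~wildcard  # a wildcard bit of 1 means "ignore this bit"
    return (value & care) == (want & care)


def martian_rule(prefix, rules=parse_acl(MARTIAN_ACL)):
    """Return the first deny entry that matches prefix, or None."""
    net = ipaddress.IPv4Network(prefix)
    addr, mask = int(net.network_address), int(net.netmask)
    for line, net_spec, mask_spec in rules:
        if _matches(addr, net_spec) and _matches(mask, mask_spec):
            return line
    return None


if __name__ == "__main__":
    # Constructed sample prefixes, not taken from any registry.
    for p in ("10.1.0.0/16", "198.51.100.0/24", "198.51.100.128/25"):
        print(p, "->", martian_rule(p) or "not denied by the martian list")
```

The last entry of the list matches on netmask alone, so any route of length /25 or longer is denied whatever its address.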
ENVIRONMENT VARIABLES
-
- IRR_HOST
-
Specifies the IRR host to connect to.
- IRR_PORT
-
Specifies the IRR port number to connect to.
- IRR_SOURCES
-
Specifies the source list (comma separated) to consider.
Command line options take precedence over environment variables.
RtConfig COMMANDS
RtConfig copies standard input to standard output
except when it encounters RtConfig commands on the standard input.
All RtConfig commands start with "@RtConfig" at the beginning of a line.
Currently the following commands are implemented:
-
- @RtConfig import <ASN-1> <rtr-1> <ASN-2> <rtr-2>
-
<ASN-1> and <ASN-2> are AS numbers preceded with string "AS". For
example, AS number 1 is specified as "AS1".
<rtr-1> and <rtr-2> are ip addresses in prefix notation. For
example, the router with address 128.9.128.9 is specified as "128.9.128.9".
This command instructs RtConfig to generate import filters
where
<rtr-1> in <ASN-1> is importing routes from
<rtr-2> in <ASN-2>.
The appropriate filters are generated
by considering
the import lines for <ASN-2>-<rtr-1>-<rtr-2>
in the aut-num object for <ASN-1>.
- @RtConfig export <ASN-1> <rtr-1> <ASN-2> <rtr-2>
-
The arguments of the export command are the same as the import command.
This command instructs RtConfig to generate export filters
where
<rtr-1> in <ASN-1> is exporting routes to
<rtr-2> in <ASN-2>.
The appropriate filters are generated
by considering
the export lines for <ASN-2>-<rtr-1>-<rtr-2>
in the aut-num object for <ASN-1>.
- @RtConfig configureRouter <inet-rtr-name>
-
<inet-rtr-name> is the DNS name of an inet-rtr object.
This command will use the named inet-rtr object,
and configure import and export policies
for each of the BGP4 peers of the router
(using the peer attribute).
- @RtConfig importGroup <ASN-1> <peering-set-name>
-
- @RtConfig exportGroup <ASN-1> <peering-set-name>
-
<peering-set-name> is a name of a peering set object.
This command instructs RtConfig to generate import (export) filters
where
<ASN-1> is importing (exporting) routes from (to) the peers listed in
<peering-set-name>.
The aut-num object for <ASN-1>
should have an import (export) attribute using the peering set's name.
- @RtConfig static2bgp <ASN-1> <rtr-1>
-
This command instructs RtConfig to generate inject filters
where
<rtr-1> in <ASN-1> is injecting static routes into BGP4.
The appropriate filters are generated
by considering
the import policies of <ASN-1>
where "protocol STATIC" or "protocol STATIC into BGP4" is used.
- @RtConfig set sources = <source-list>
-
<source-list> is a string containing a comma separated list of sources to
consider.
This command instructs RtConfig to change the list of sources considered.
- @RtConfig access_list filter <filter>
-
<filter> is an RPSL filter over AS numbers, AS set names and route set
names using operators AND, OR and NOT.
This command instructs RtConfig to generate an access list for <filter>.
- @RtConfig aspath_access_list filter <filter>
-
<filter> is an RPSL filter over AS path regular expressions using
operators AND, OR and NOT.
This command instructs RtConfig to generate an AS path access list for <filter>.
- @RtConfig printPrefixes <format> filter <filter>
-
<format> is a quoted string, and
<filter> is an RPSL filter over AS numbers, AS set names and route set
names using operators AND, OR and NOT.
This command instructs RtConfig to print the prefixes in <filter> using
<format>.
The <format> can contain the following escape sequences:
%p prefix
%l length
%L 32-length
%n n (%p/%l^%n-%m, e.g. 128.9.0.0/16^24-32)
%m m
%k mask
%K inverse of mask (i.e. ~mask)
%% %
\n carriage return
\t tab
Example, use:
@RtConfig printPrefixes "net %p \tmask %k\n" filter AS1
- @RtConfig printPrefixRanges <format> filter <filter>
-
This command is the same as the "printPrefixes" command,
except that consecutive address prefixes are compressed into a single
address prefix range.
- @RtConfig printSuperPrefixRanges <format> filter <filter>
-
This command is the same as the "printPrefixRanges" command,
except it compresses more aggressively. The %n and %m information is
lost, but
%D, a set of don't care bits representing the different %n-%m ranges, is
provided.
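The printPrefixes escape sequences listed above, implemented as an added example (not RtConfig's own code) so that a <format> string can be previewed before it goes into a template. The function name expand is an assumption, as is treating a prefix without a range operator as n = m = length; %D from printSuperPrefixRanges is not handled.

```python
import ipaddress
import re

# "<prefix>/<length>", optionally followed by "^<n>-<m>", the range form the
# page shows as 128.9.0.0/16^24-32.
_PREFIX = re.compile(r"^(\d+(?:\.\d+){3})/(\d+)(?:\^(\d+)-(\d+))?$")

# Backslash sequences from the table above.
_BACKSLASH = {"n": "\n", "t": "\t"}


def expand(fmt, prefix):
    """Expand one printPrefixes <format> string for a single prefix."""
    m = _PREFIX.match(prefix)
    if not m:
        raise ValueError("badly formed prefix: %r" % prefix)
    net = ipaddress.IPv4Network("%s/%s" % (m.group(1), m.group(2)))
    length = net.prefixlen
    # Assumption: without a range operator, n and m both equal the length.
    n = int(m.group(3)) if m.group(3) else length
    upper = int(m.group(4)) if m.group(4) else length
    percent = {
        "p": str(net.network_address),  # %p prefix
        "l": str(length),               # %l length
        "L": str(32 - length),          # %L 32-length
        "n": str(n),                    # %n lower bound of the range
        "m": str(upper),                # %m upper bound of the range
        "k": str(net.netmask),          # %k mask
        "K": str(net.hostmask),         # %K inverse of mask
        "%": "%",                       # %% literal percent sign
    }
    out, i = [], 0
    while i < len(fmt):
        ch = fmt[i]
        if ch in "%\\" and i + 1 < len(fmt):
            table = percent if ch == "%" else _BACKSLASH
            key = fmt[i + 1]
            if key not in table:
                # Mirrors the "Unknown operator:" message this page lists.
                raise ValueError("Unknown operator: %s%s" % (ch, key))
            out.append(table[key])
            i += 2
        else:
            out.append(ch)
            i += 1
    return "".join(out)


if __name__ == "__main__":
    # The page's own format string, applied to a constructed prefix list.
    for pfx in ("128.9.0.0/16", "128.9.0.0/16^24-32"):
        print(expand(r"net %p \tmask %k\n", pfx), end="")
```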
Cisco specific commands:
-
- @RtConfig set cisco_map_name = <map-name>
-
<map-name> is a quoted string.
This command instructs RtConfig to use <map-name> as the name for the route
maps generated.
If the <map-name> contains %d,
it will be replaced by the peer's AS number.
If it contains a second %d,
it will be replaced by an integer that is incremented each time a new
map is generated (to ensure unique map names).
The default cisco_map_name is "MyMap_%d_%d".
- @RtConfig set cisco_map_first_no = <no>
-
<no> is an integer.
This command instructs RtConfig to use <no> as the first number of a newly
generated route map.
If missing, 1 is used.
- @RtConfig set cisco_map_increment_by = <no>
-
<no> is an integer.
This command instructs RtConfig to increment route map numbers by <no>.
If missing, successive route maps are numbered by increments of 1.
- @RtConfig set cisco_prefix_acl_no = <no>
-
<no> is an integer.
This command instructs RtConfig to start numbering prefix access lists at <no>.
- @RtConfig set cisco_aspath_acl_no = <no>
-
<no> is an integer.
This command instructs RtConfig to start numbering aspath access lists at <no>.
- @RtConfig set cisco_pktfilter_acl_no = <no>
-
<no> is an integer.
This command instructs RtConfig to start numbering inbound/outbound packet filter access lists at <no>.
- @RtConfig set cisco_community_acl_no = <no>
-
<no> is an integer.
This command instructs RtConfig to start numbering community access lists at <no>.
- @RtConfig set cisco_access_list_no = <no>
-
<no> is an integer.
This command instructs RtConfig to start numbering all access lists at <no>.
- @RtConfig set cisco_max_preference = <no>
-
<no> is an integer defaulting to 1000.
This command instructs RtConfig to start using preferences from <no> (most
preferred) and counting down from there.
- @RtConfig networks <ASN-1>
-
<ASN-1> is an AS number preceded with string "AS".
For each route registered with origin <ASN-1>,
a network statement of the form "network <prefix> mask <mask>" is generated.
- @RtConfig default <ASN-1> <ASN-2>
-
<ASN-1> and <ASN-2> are AS numbers preceded with string "AS".
This command instructs RtConfig to generate "ip default-network" statements
where <ASN-1> is defaulting to <ASN-2>.
The appropriate statements are generated
for the network addresses listed in
the default attribute for <ASN-2> in the aut-num object of <ASN-1>.
- @RtConfig pkt_filter <if-name> <ASN-1> <rtr-1> <ASN-2> <rtr-2>
-
The arguments of the pkt_filter command are the same as the import command.
This command instructs RtConfig to generate packet filters
where
<rtr-1> in <ASN-1> is going to drop data packets
that are received from <rtr-2> in <ASN-2>,
but do not have source addresses
inside the address prefixes imported from this peer.
The appropriate filters are generated
by considering
the import lines for <ASN-2>-<rtr-1>-<rtr-2>
in the aut-num object for <ASN-1>.
The filter is applied to the interface <if-name> in the inbound direction.
The <if-name> is a string and must be enclosed in double quotes.
- @RtConfig outbound_pkt_filter <if-name> <ASN-1> <rtr-1> <ASN-2> <rtr-2>
-
Same as the pkt_filter command,
except
the appropriate filters are generated
by considering
the export lines for <ASN-2>-<rtr-1>-<rtr-2>
in the aut-num object for <ASN-1>.
The filter is applied to the interface <if-name> in the outbound direction.
Junos specific commands:
-
- @RtConfig set junos_policy_name = <policy-name>
-
<policy-name> is a quoted string.
This command instructs RtConfig to use <policy-name> as the name for the
policy statements generated.
If the <policy-name> contains %d,
it will be replaced by the peer's AS number.
If it contains a second %d,
it will be replaced by an integer that is incremented each time a new
map is generated (to ensure unique map names).
The default junos_map_name is "policy_%d_%d".
- @RtConfig networks <ASN-1>
-
<ASN-1> is an AS number preceded with string "AS".
For each route registered with origin <ASN-1>,
a network statement of the form "network <prefix> mask <mask>" is
generated. This needs to be Juniperized.
BCC (Bay Networks BayRS) specific commands:
-
- @RtConfig set bcc_version = <version>
-
Create output for BCC version <version>.
Default is 310 (= BCC 3.10) which is available
since BayRS 12.00. This parameter has
no effect in the current version, but
might be used in the future.
- @RtConfig set bcc_force_back = <flag>
-
<flag> is either 0 or 1 defaulting to 0 (do
not force). If this flag is set, the generated
output will add 'back' statements, even
if they are not required, but are useful if
this output is diff'd against the output of
- @RtConfig set bcc_max_prefixes = <nr>
-
<nr> defines the maximum number of prefixes
allowed per filter definition. Default is
66 (SiteManager limitation). BCC limit is
somewhere less than 200.
- @RtConfig set bcc_advertise_all = <flag>
-
<flag> is either 0 or 1 defaulting to 0
(don't advertise subnets). This flag, if set
to 1, advertises network 255.255.255.255 mask
255.255.255.255, resulting in advertisements
of the actual network IDs along with the
other IDs in the advertise list. This allows
advertisements of an aggregate or default
along with the actual network.
- @RtConfig set bcc_advertise_nets = <flag>
-
<flag> is either 0 or 1 defaulting to 0
(don't build advertise list). If this flag is
set (1), then for each network in the
announce match network list an entry in the
advertise list of the same filter is created.
Note however, that this results in
advertising of all network IDs as long as at
least 1 network matches the network list.
- @RtConfig set bcc_max_preference = <no>
-
<no> is an integer defaulting to 1000. This
command instructs RtConfig to start using
preferences from <no> (most preferred) and
counting down from there.
- @RtConfig default <ASN-1> <ASN-2>
-
<ASN-1> and <ASN-2> are AS numbers preceded
with string "AS". This command instructs
RtConfig to generate an "inject policy"
(accept policy with set action "inject") of
default or network IDs where <ASN-1> is
defaulting to <ASN-2>. The appropriate
statements are generated for the network
addresses listed in the default attribute
for <ASN-2> in the aut-num object of
<ASN-1>.
RSd specific commands:
-
There is no export command for RSd.
When an import command is used for RSd,
both the import policies of <ASN-1>
and the export policies of <ASN-2>
are considered.
EXAMPLES
Here is an example input file:
!
version 10.3
!
interface Ethernet0/0
ip address 198.32.4.1 255.255.255.0
!
router bgp 4550
neighbor 198.32.4.25 remote-as 4551
!
@RtConfig set cisco_map_name = "mymap"
@RtConfig set cisco_access_list_no = 500
@RtConfig import AS4550 198.32.4.1 AS4551 198.32.4.25
!
end
Please see the tests directory in the distribution for more examples.
LIMITATIONS
Cisco Configuration Generation:
-
Policies in IRR that have as-path regular expressions containing [,]
are only converted if (1) it is not a negated set,
(2) it does not contain ranges with more than 10 numbers in the range.
The following examples are not converted:
[^ AS1]
[AS1-AS11]
The first one is not converted because it is a negated set. The second one
is not converted because AS1-AS11 contains 11 numbers.
The following examples are converted:
[AS1 AS56 AS100]
[AS1-AS10]
[AS5 AS100-AS105 AS200 AS300-AS307]
Note that the last example contains 16 numbers which is more than 10. This
is converted since no single range (AS100-AS105 or AS300-AS307) contains
more than 10 numbers.
Gated Configuration Generation:
-
AS path regular expressions generated for gated require ISI's
patches to gated's regular expressions.
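A pre-check for the Cisco limitation described above, written as an added example (not part of RtConfig): it scans an AS-path regular expression for [...] sets and reports the ones that the stated rules say are not converted, so they can be reviewed before the generated configuration is used. The function names and the sample expression are assumptions, and set members other than AS numbers and AS ranges are ignored.

```python
import re

MAX_RANGE = 10  # a single range with more than 10 numbers is not converted

_SET = re.compile(r"\[([^\]]*)\]")            # one [...] set
_RANGE = re.compile(r"^AS(\d+)-AS(\d+)$")     # ASx-ASy inside a set


def set_problem(body):
    """Return why a set body is not converted, or None if it is."""
    body = body.strip()
    if body.startswith("^"):
        return "negated set"
    for item in body.split():
        m = _RANGE.match(item)
        if not m:
            continue  # single AS numbers never hit the limit
        count = int(m.group(2)) - int(m.group(1)) + 1
        if count > MAX_RANGE:
            return "range %s has %d numbers" % (item, count)
    return None


def unconverted_sets(aspath_regex):
    """List (set, reason) for each [...] set that hits the limitation."""
    found = []
    for m in _SET.finditer(aspath_regex):
        reason = set_problem(m.group(1))
        if reason:
            found.append((m.group(0), reason))
    return found


if __name__ == "__main__":
    # Constructed AS-path filter using private-use AS numbers.
    sample = "<^AS64496 [AS64500-AS64520]* [AS1 AS56 AS100]$>"
    for text, reason in unconverted_sets(sample):
        print("not converted:", text, "-", reason)
```

The limit applies per range, not per set, which is why the page's 16-number example passes.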
ERROR AND WARNING MESSAGES
Error: Unknown RtConfig/RSd command.
-
Wrong RSd command specified; see the manual page for details on the RSd commands supported.
Error in template file
-
Wrong RtConfig command, syntax or arguments to RtConfig command.
Error: config file format <config_format> is not supported...
-
Unknown config format specified. Supported formats are:
cisco, junos, bcc, gated, rsd.
Error: no object for router: <router_name>
-
The inet-rtr object cannot be found in the specified IRR for the specified source. This can be a typo, or a real error where the object does not exist.
Error: no object for AS <as_number>
-
The aut-num object cannot be found in the specified IRR for the specified source. This can be a typo, or a real error where the object does not exist.
Unknown operator:
-
Syntax error in format specification, check the description of the printPrefixes command.
Error: Badly formed prefix filter
-
Syntax error in prefix filter specification.
See RFC 2622 (Address prefix filters).
Error: Badly formed AS_path filter
-
Syntax error in AS_path filter specification.
See RFC 2622 (AS_path filters).
Warning: filter matches ANY/NOT ANY
-
Filter is empty or universal, i.e. matches none or all prefixes respectively.
Warning: AS <as_no> has no import(export) policy for AS <peer_as> <peer_IP> at <local_IP>
-
The matching import(export) policy cannot be found in the aut-num object for <as_no>, for peering aut-num <peer_as> with <peer_IP> at <local_IP> address. It can be a typo or your policy is incomplete. Check your aut-num object.
Warning: AS <as_no> has no default policy for AS <peer_as>
-
The matching default policy cannot be found in the aut-num object for <as_no>.
Warning: unimplemented method <rp_attr>.<method>
-
An unimplemented method for this rp_attribute is specified. This error indicates that the method is correctly specified in the RPSL dictionary, but has no actual implementation in RtConfig.
For more error descriptions, please see the Errors manual page.
AUTHORS
Cengiz Alaettinoglu <cengiz@isi.edu>
Katie Petrusha <katie@ripe.net>
This document was created by
man2html,
using the manual pages.
Time: 09:49:35 GMT, July 03, 2002