DEFUN (bgp_listen_range,
bgp_listen_range_cmd,
- "bgp listen range <A.B.C.D/M|X:X::X:X/M> peer-group WORD",
+ "bgp listen range <A.B.C.D/M|X:X::X:X/M> peer-group PGNAME",
"BGP specific commands\n"
"Configure BGP dynamic neighbors listen range\n"
"Configure BGP dynamic neighbors listen range\n"
argv_find(argv, argc, "A.B.C.D/M", &idx);
argv_find(argv, argc, "X:X::X:X/M", &idx);
char *prefix = argv[idx]->arg;
- argv_find(argv, argc, "WORD", &idx);
+ argv_find(argv, argc, "PGNAME", &idx);
char *peergroup = argv[idx]->arg;
/* Convert IP prefix string to struct prefix. */
DEFUN (no_bgp_listen_range,
no_bgp_listen_range_cmd,
- "no bgp listen range <A.B.C.D/M|X:X::X:X/M> peer-group WORD",
+ "no bgp listen range <A.B.C.D/M|X:X::X:X/M> peer-group PGNAME",
NO_STR
"BGP specific commands\n"
"Unconfigure BGP dynamic neighbors listen range\n"
DEFUN (neighbor_interface_config,
neighbor_interface_config_cmd,
- "neighbor WORD interface [peer-group WORD]",
+ "neighbor WORD interface [peer-group PGNAME]",
NEIGHBOR_STR
"Interface name or neighbor tag\n"
"Enable BGP on interface\n"
DEFUN (neighbor_interface_config_v6only,
neighbor_interface_config_v6only_cmd,
- "neighbor WORD interface v6only [peer-group WORD]",
+ "neighbor WORD interface v6only [peer-group PGNAME]",
NEIGHBOR_STR
"Interface name or neighbor tag\n"
"Enable BGP on interface\n"
DEFUN (no_neighbor_interface_config,
no_neighbor_interface_config_cmd,
- "no neighbor WORD interface [v6only] [peer-group WORD] [remote-as <(1-4294967295)|internal|external>]",
+ "no neighbor WORD interface [v6only] [peer-group PGNAME] [remote-as <(1-4294967295)|internal|external>]",
NO_STR
NEIGHBOR_STR
"Interface name\n"
DEFUN (neighbor_set_peer_group,
neighbor_set_peer_group_cmd,
- "neighbor <A.B.C.D|X:X::X:X|WORD> peer-group WORD",
+ "neighbor <A.B.C.D|X:X::X:X|WORD> peer-group PGNAME",
NEIGHBOR_STR
NEIGHBOR_ADDR_STR2
"Member of the peer-group\n"
}
ALIAS_HIDDEN(neighbor_set_peer_group, neighbor_set_peer_group_hidden_cmd,
- "neighbor <A.B.C.D|X:X::X:X|WORD> peer-group WORD",
+ "neighbor <A.B.C.D|X:X::X:X|WORD> peer-group PGNAME",
NEIGHBOR_STR NEIGHBOR_ADDR_STR2
"Member of the peer-group\n"
"Peer-group name\n")
DEFUN (no_neighbor_set_peer_group,
no_neighbor_set_peer_group_cmd,
- "no neighbor <A.B.C.D|X:X::X:X|WORD> peer-group WORD",
+ "no neighbor <A.B.C.D|X:X::X:X|WORD> peer-group PGNAME",
NO_STR
NEIGHBOR_STR
NEIGHBOR_ADDR_STR2
}
ALIAS_HIDDEN(no_neighbor_set_peer_group, no_neighbor_set_peer_group_hidden_cmd,
- "no neighbor <A.B.C.D|X:X::X:X|WORD> peer-group WORD",
+ "no neighbor <A.B.C.D|X:X::X:X|WORD> peer-group PGNAME",
NO_STR NEIGHBOR_STR NEIGHBOR_ADDR_STR2
"Member of the peer-group\n"
"Peer-group name\n")
/* one clear bgp command to rule them all */
DEFUN (clear_ip_bgp_all,
clear_ip_bgp_all_cmd,
- "clear [ip] bgp [<view|vrf> VIEWVRFNAME] ["BGP_AFI_CMD_STR" ["BGP_SAFI_WITH_LABEL_CMD_STR"]] <*|A.B.C.D|X:X::X:X|WORD|(1-4294967295)|external|peer-group WORD> [<soft [<in|out>]|in [prefix-filter]|out>]",
+ "clear [ip] bgp [<view|vrf> VIEWVRFNAME] ["BGP_AFI_CMD_STR" ["BGP_SAFI_WITH_LABEL_CMD_STR"]] <*|A.B.C.D|X:X::X:X|WORD|(1-4294967295)|external|peer-group PGNAME> [<soft [<in|out>]|in [prefix-filter]|out>]",
CLEAR_STR
IP_STR
BGP_STR
if (argv_find_and_parse_afi(argv, argc, &idx, &afi))
argv_find_and_parse_safi(argv, argc, &idx, &safi);
- /* <*|A.B.C.D|X:X::X:X|WORD|(1-4294967295)|external|peer-group WORD> */
+ /* <*|A.B.C.D|X:X::X:X|WORD|(1-4294967295)|external|peer-group PGNAME> */
if (argv_find(argv, argc, "*", &idx)) {
clr_sort = clear_all;
} else if (argv_find(argv, argc, "A.B.C.D", &idx)) {
clr_sort = clear_group;
idx++;
clr_arg = argv[idx]->arg;
- } else if (argv_find(argv, argc, "WORD", &idx)) {
+ } else if (argv_find(argv, argc, "PGNAME", &idx)) {
clr_sort = clear_peer;
clr_arg = argv[idx]->arg;
} else if (argv_find(argv, argc, "(1-4294967295)", &idx)) {
vty_out(vty, "This config option is deprecated, and is scheduled for removal.\n");
vty_out(vty, "if you are using this please migrate to the below command.\n");
vty_out(vty, "'no bgp large-community-list <(1-99)|(100-500)|standard|expanded> <deny|permit> <LINE|AA:BB:CC>'\n");
- zlog_warn("Deprecated option: 'no ip large-community-list <(1-99)|(100-500)|standard|expanded> <deny|permit> <LINE|AA:BB:CC>' being used");
+ zlog_warn("Deprecated option: 'no ip large-community-list <(1-99)|(100-500)|standard|expanded> <deny|permit> <LINE|AA:BB:CC>' being used");
}
argv_find(argv, argc, "permit", &idx);
argv_find(argv, argc, "deny", &idx);
peers ASN is the same as mine as specified under the :clicmd:`router bgp ASN`
command the connection will be denied.
+.. index:: [no] bgp listen range <A.B.C.D/M|X:X::X:X/M> peer-group PGNAME
+.. clicmd:: [no] bgp listen range <A.B.C.D/M|X:X::X:X/M> peer-group PGNAME
+
+ Accept connections from any peers in the specified prefix. Configuration
+ from the specified peer-group is used to configure these peers.
+
+.. note::
+
+ When using BGP listen ranges, if the associated peer group has TCP MD5
+ authentication configured, your kernel must support this on prefixes. On
+ Linux, this support was added in kernel version 4.14. If your kernel does
+ not support this feature you will get a warning in the log file, and the
+ listen range will only accept connections from peers without MD5 configured.
+
+ Additionally, we have observed that when using this option at scale (several
+ hundred peers) the kernel may hit its option memory limit. In this situation
+ you will see error messages like:
+
+ ``bgpd: sockopt_tcp_signature: setsockopt(23): Cannot allocate memory``
+
+ In this case you need to increase the value of the sysctl
+ ``net.core.optmem_max`` to allow the kernel to allocate the necessary option
+ memory.
+
.. _bgp-configuring-peers:
Configuring Peers
This command defines a new peer group.
-.. index:: neighbor PEER peer-group WORD
-.. clicmd:: neighbor PEER peer-group WORD
+.. index:: neighbor PEER peer-group PGNAME
+.. clicmd:: neighbor PEER peer-group PGNAME
This command bind specific peer to peer group WORD.
projects / matthieu / frr.git / commitdiff