GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
rtconfig(1) FreeBSD General Commands Manual rtconfig(1)

rtconfig - Tool for producing configs from IRR routing policies

rtconfig [flags]

rtconfig analyzes the routing policies registered in the Internet Routing Registry (IRR) and produces router configuration files. It currently supports cisco and junos router configuration file formats. rtconfig reads lines form the standard input, and prints them to the standard output, except for the lines that start with "@rtconfig" which instruct rtconfig to perform special operation (please see "rtconfig Commands" Section below). rtconfig establishes a whois connection to query IRR.

-help
Print summary of command-line options and abort.
-T [whois_query | whois_response | input | all]
Trace the argument. Useful for debugging.
-D <integer>
Print debugging messages of debug channel <integer> (if compiled with ENABLE_DEBUG defined).
-version
Print the version number and quit.
-h <host-name>
Establish a whois connection to host <host-name>. The default is whois.radb.net.
-p <port-no>
Establish an whois connection to port <port-no>. The default is 43.
-protocol <protocol>
Use the <protocol> to connect to the IRR server. <protocol> can be irrd(rawhoisd) or ripe(bird). The default is irrd.
-s <source-list>
Consider the sources specified in the comma separated <source-list>. If an object is defined in multiple sources in <source-list>, rtconfig uses the definition first encountered in <source-list> from left to right.
-f <file-name>
IRR cache file. You can have any RPSL object in this file, except route objects. They will override these objects in IRR. This option is intended for private objects, or to test new public objects before publishing. You can specify more than one cache file by specifying this option repeatedly.
-rusage
Print resource usage upon completion.
-prompt <new-prompt>
Change the prompt to <new-prompt> when invoked interactively. By default the prompt is "rtconfig> ".
-ignore_errors
Do not print error and warning messages due to communication to the database server or parsing policy objects.
-report_errors
Print error and warning messages due to communication to the database server or parsing policy objects.

-config <config-format>
Produce router configuration in <config-format> which is either cisco (default) or junos.
-no_match_ip_inbound
In older Cisco IOS versions, in-bound route maps did not support ip access-list matches. Use of this option causes rtconfig to use distribute-lists to overcome this limitation.
-asdot
Print AS numbers as asdot, i.e. in "X.Y" format; the default is to use RFC-5396 recommended "asplain" format.
-disable_access_list_cache
rtconfig caches the access-lists (and in the future ip as-path access-lists and route-maps) that it generates so that the same access-list number can be reused instead of generating a new access list. If you do not want rtconfig to consume much memory, -disable_access_list_cache option can be used to turn off this feature. However, if you are short on memory on your cisco box, you should leave this feature enabled.
-supress_martian
Deprecated. Properly maintained martian and bogon lists are visible in both the RIPE and Merit whois servers (e.g. "fltr-bogons", "fltr-unallocated" and "fltr-martian" objects), and can be referenced using standard RPSL.
-cisco_no_compress_acls
This option only affects cisco configurations. This option is used to disable combining multiple cisco access list lines into a single line using wildcards whenever possible.
-cisco_use_prefix_lists
This option only affects cisco configurations. This option instructs rtconfig to output prefix-lists which yield higher performace than access-lists. This flag implies -cisco_compress_acls.
-cisco_eliminate_dup_map_parts
This option only affects cisco configurations. This option instructs rtconfig to eliminate a later map part if its filter is covered by earlier map parts.
-cisco_skip_route_maps
This option only affects cisco configurations. This option instructs rtconfig not to print route maps, hence it only prints access lists.
-cisco_force_tilda
This option only affects cisco configurations. It forces * and + operators in AS path regular expressions to be interpreted as ~* and ~+ operators. This is useful if you get as path access lists with real long lines, it will force them to multiple lines.
-cisco_empty_lists
This option only affects Cisco configurations. It forces interpreting ANY/NOT ANY prefix filters as universal/empty set of prefixes, and produces access lists for them. By default only warning is issued.
-cisco_no_default_afi
Causes rtconfig not to assume that ipv4.unicast is the router's default address family. IPv4 peers will then have ipv4.unicast explicitly activated and policy will be set in ipv4.unicast address family. Useful when the router is configured with "no bgp default ipv4-unicast".
-junos_and_not_or
This option only affects Juniper configurations. Modify rtconfig Junos behaviour to match Cisco - AND community & prefix lists rather than OR'ing them.
-junos_replace
This option only affects Juniper configurations. Output replace: statements to be used with "load replace" on Junos.

IRR_HOST
Specifies the IRR host to connect.
IRR_PORT
Specifies the IRR port number to connect.
IRR_SOURCES
Specifies the source list (comma separated) to consider.

Command line options take precedence over environment variables.

rtconfig copies standard input to standard output except when it encounters rtconfig commands on the standard input. All rtconfig commands start with "@rtconfig" at the beginning of a line. Currently the following commands are implemented:
@rtconfig import <ASN-1> <rtr-1> <ASN-2> <rtr-2>
<ASN-1> and <ASN-2> are AS numbers preceded with string "AS". For example, AS number 1 is specified as "AS1". <rtr-1> and <rtr-2> are ip addresses in prefix notation. For example, the router with address 128.9.128.9 is specified as "128.9.128.9". This command instructs rtconfig to generate import filters where <rtr-1> in <ASN-1> is importing routes from <rtr-2> in <ASN-2>. The appropriate filters are generated by considering the import/mp-import lines for <ASN-2>-<rtr-1>-<rtr-2> in the aut-num object for <ASN-1>.
@rtconfig export <ASN-1> <rtr-1> <ASN-2> <rtr-2>
The arguments of the export command are the same as the import command. This command instructs rtconfig to generate export filters where <rtr-1> in <ASN-1> is exporting routes to <rtr-2> in <ASN-2>. The appropriate filters are generated by considering the export/mp-export lines for <ASN-2>-<rtr-1>-<rtr-2> in the aut-num object for <ASN-1>.
@rtconfig configureRouter <inet-rtr-name>
<inet-rtr-name> is the DNS name of an inet-rtr object. This command will use the named inet-rtr object, and configure import/mp-import and export/mp-export policies for each of the BGP4 peers of the router (using the peer attribute).
@rtconfig importPeerGroup <ASN-1> <rtr-1> <ASN-2> <rtr-2> <peering-set-name>
Required when using JunOS to place the import policies inside the correct peer group.
@rtconfig importGroup <ASN-1> <peering-set-name>
@rtconfig exportGroup <ASN-1> <peering-set-name>
<peering-set-name> is a name of a peering set object. This command instructs rtconfig to generate import/mp-import (export/mp-export) filters where <ASN-1> is importing (exporting) routes from (to) the peers listed in <peering-set-name>. The aut-num object for <ASN-1> should have an import/mp-import (export/mp-export) attribute using the peering set's name.
@rtconfig static2bgp <ASN-1> <rtr-1>
This command instructs rtconfig to generate inject filters where <rtr-1> in <ASN-1> is injecting static routes into BGP4. The appropriate filters are generated by considering the import/mp-import policies of <ASN-1> where "protocol STATIC" or "protocol STATIC into BGP4" is used.
@rtconfig set sources = <source-list>
<source-list> is string containing comma separated list of sources to consider. This command instructs rtconfig to change the list of sources considered.
@rtconfig access_list filter <filter>
<filter> is an RPSL filter over AS numbers, AS set names and route set names using operators AND, OR and NOT. This command instructs rtconfig to generate an access list for <filter>. <mp-filter> is also accepted.
@rtconfig aspath_access_list filter <filter>
<filter> is an RPSL filter over AS path regular expressions using operators AND, OR and NOT. This command instructs rtconfig to generate an as path access list for <filter>.
@rtconfig printPrefixes <format> filter <filter>
<format> is a quoted string, and <filter> is an RPSL filter over AS numbers, AS set names and route set names using operators AND, OR and NOT, <mp-filter> is also accepted. This command instructs rtconfig to print the prefixes in <filter> using <format>. The <format> can contain the following escape sequences:
      %p	prefix
      %l	length
      %L	32-length
      %n	n   (%p/%l^%n-%m, e.g. 128.9.0.0/16^24-32)
      %m	m
      %k	mask
      %K	inverse of mask (i.e. ~mask)
      %%	%
      \n	carriage return
      \t	tab
    
Example, use:
   @rtconfig printPrefixes "net %p \tmask %k\n" filter AS1
    
@rtconfig printPrefixRanges <format> filter <filter>
This command is same as the "printPrefixes" command, except the consecutive address prefixes are compressed into a single address prefix range. <mp-filter> is also accepted.
@rtconfig printSuperPrefixRanges <format> filter <filter>
This command is same as the "printPrefixRanges" command, except it compresses more aggresively. The %n and %m information is lost. But, %D, a set of dont care bits representing different %n-%m ranges are provided. <mp-filter> is also accepted.
@rtconfig set prefix_acl_no = <no>
<no> is an integer. This command instructs rtconfig to start numbering prefix access lists at <no>. The older term "cisco_prefix_acl_no" is deprecated but kept as an alias.
@rtconfig set aspath_acl_no = <no>
<no> is an integer. This command instructs rtconfig to start numbering aspath access lists at <no>. The older term "cisco_aspath_acl_no" is deprecated but kept as an alias.
@rtconfig set pktfilter_acl_no = <no>
<no> is an integer. This command instructs rtconfig to start numbering inbound/outbound packet filter access lists at <no>. The older term "cisco_pktfilter_acl_no" is deprecated but kept as an alias.
@rtconfig set community_acl_no = <no>
<no> is an integer. This command instructs rtconfig to start numbering community access lists at <no>. The older term "cisco_community_acl_no" is deprecated but kept as an alias.

Cisco specific commands:

@rtconfig set cisco_map_name = <map-name>
<map-name> is a quoted string. This command instructs rtconfig to use <map-name> as the name for the route maps generated. If the <map-name> contains %d, it will be replaced by the peer's AS number. If it contains a second %d, it will be replaced by an integer that is incremented each time a new map is generated (to ensure unique map names). The default cisco_map_name is "MyMap_%d_%d".
@rtconfig set cisco_map_first_no = <no>
<no> is an integer. This command instructs rtconfig to use <no> as the first number of a newly generated route map. If missing, 1 is used.
@rtconfig set cisco_map_increment_by = <no>
<no> is an integer. This command instructs rtconfig to increment route map numbers by <no>. If missing, successive route maps are numbered by increments of 1.
@rtconfig set community_set_no = <no>
<no> is an integer. This command instructs rtconfig to start numbering community sets at <no>.
@rtconfig set cisco_access_list_no = <no>
<no> is an integer. This command instructs rtconfig to start numbering all access lists at <no>.
@rtconfig set cisco_max_preference = <no>
<no> is an integer defaulting to 1000. This command instructs rtconfig to start using preferences from <no> (most preferred) and counting down from there.
@rtconfig networks <ASN-1>
<ASN-1> is an AS number preceded with string "AS". For each route registered with origin <ASN-1>, a network statement of the form "network <prefix> mask <mask>" is generated.
@rtconfig v6networks <ASN-1>
<ASN-1> is an AS number preceded with string "AS". For each route6 registered with origin <ASN-1>, a network statement of the form "network <prefix> mask <mask>" is generated.
@rtconfig default <ASN-1> <ASN-2>
<ASN-1> and <ASN-2> are AS numbers preceded with string "AS". This command instructs rtconfig to generate "ip default-network" statements where <ASN-1> is defaulting to <ASN-2>. The appropriate statements are generated for the network addresses listed in the default attribute for <ASN-2> in the aut-num object of <ASN-1>.
@rtconfig inbound_pkt_filter <if-name> <ASN-1> <rtr-1> <ASN-2> <rtr-2>
The arguments of the inbound_pkt_filter command are the same as the import command. This command instructs rtconfig to generate packet filters where <rtr-1> in <ASN-1> is going to drop data packets that are received from <rtr-2> in <ASN-2>, but do not have source addresses inside the address prefixes imported from this peer. The appropriate filters are generated by considering the import lines for <ASN-2>-<rtr-1>-<rtr-2> in the aut-num object for <ASN-1>. The filter is applied to the interface <if-name> in the inbound direction. The <if-name> is a string and must be enclosed in double quotes.
@rtconfig pkt_filter <if-name> <ASN-1> <rtr-1> <ASN-2> <rtr-2>
An alias for inbound_pkt_filter. Now deprecated.
@rtconfig outbound_pkt_filter <if-name> <ASN-1> <rtr-1> <ASN-2> <rtr-2>
Same as the pkt_filter command, except the appropriate filters are generated by considering the export lines for <ASN-2>-<rtr-1>-<rtr-2> in the aut-num object for <ASN-1>. The filter is applied to the interface <if-name> in the outbound direction.

Junos specific commands:

@rtconfig set junos_policy_name = <policy-name>
<policy-name> is a quoted string. This command instructs rtconfig to use <policy-name> as the name for the policy statements generated. If the <policy-name> contains %d, it will be replaced by the peer's AS number. If it contains a second %d, it will be replaced by an integer that is incremented each time a new map is generated (to ensure unique map names). The default junos_map_name is "policy_%d_%d".
@rtconfig networks <ASN-1>
<ASN-1> is an AS number preceded with string "AS". For each route registered with origin <ASN-1>, a network statement of the form "network <prefix> mask <mask>" is generated. This needs to be Juniperized.

Here is an example input file:
	!
	version 10.3
	!
	interface Ethernet0/0
	 ip address 198.32.4.1 255.255.255.0
	!
	router bgp 4550
	 neighbor 198.32.4.25 remote-as 4551
	!
	@rtconfig set cisco_map_name = "mymap"
	@rtconfig set cisco_access_list_no = 500
	@rtconfig import AS4550 198.32.4.1 AS4551 198.32.4.25
	!
	end

Please see the tests directory in the distribution for more examples.

Cisco Configuration Generation:

Policies in IRR which has as-path regular expressions containing [,] are only converted if (1) it is not a negated set, (2) it does not contain ranges with more than 10 numbers in the range. The following examples are not converted:
	[^ AS1]
	[AS1-AS11]
The first one is not converted because it is a negated set. The second one is not converted because AS1-AS11 contains 11 numbers. The following examples are converted:
	[AS1 AS56 AS100]
	[AS1-AS10]
	[AS5 AS100-AS105 AS200 AS300-AS307]
Note that the last example contains 16 numbers which is more than 10. This is converted since no single range (AS100-AS105 or AS300-AS307) contains more than 10 numbers.

Error in template file

Wrong rtconfig command, syntax or arguments to rtconfig command.

Error: config file format <config_format> is not supported...

Unknown config format specified. Supported formats are: cisco, junos.

Error: no object for router: <router_name>

inet-rtr object cannot be found in the specified IRR for specified source. It can be a typo or a real error, and the object is non-existent.

Error: no object for AS <as_number>

aut-num object cannot be found in the specified IRR for specified source. It can be a typo or a real error, and the object is non-existent.

Unknown operator:

Syntax error in format specification, check the description of the printPrefixes command.

Error: Badly formed prefix filter

Syntax error in prefix filter specification. See RFC [2622] (Address prefix filters)

Error: Badly formed AS_path filter

Syntax error in AS_path filter specification. See RFC [2622] (AS_path filters)

Warning: filter matches ANY/NOT ANY

Filter is empty or universal, i.e. matches none or all prefixes respectively.

Warning: AS <as_no> has no import(export) policy for AS <peer_as> <peer_IP> at <local_IP>

The matching import(export) policy cannot be found in the aut-num object for <as_no>, for peering aut-num <peer_as> with <peer_IP> at <local_IP> address. It can be a typo or your policy is incomplete. Check your aut-num object.

Warning: AS <as_no> has no default policy for AS <peer_as>

The matching default policy cannot be found int the aut-num object for <as_no>

Warning: unimplemented method <rp_attr>.<method>

Unimplemented method for this rp_attribute is specified. This error indicates that method is correctly specified in RPSL dictionary, but has no actual implementation for rtconfig.

For more error descriptions, please see irrtoolset-errors manual page.

Cengiz Alaettinoglu <cengiz@isi.edu> Katie Petrusha <katie@ripe.net>
local

Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.