BGP FLowspec to Yang/Yaml ACL

• Previous message (by thread): Client-side information gathering tool
• Next message (by thread): BGP FLowspec to Yang/Yaml ACL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We were looking for some way to implement BGP Flowspec Filtering(just the
permit/deny basic) using L3 switches  in an automated way.

Searching a bit we found https://github.com/ios-xr/bgpfs2acl

Is almost what we are looking for!
But is focused on Cisco devices.

We even considered fork it to our specific vendor.
But before reinventing the wheel, I decide to ask to colleagues if anybody
knows some tool that converts BGP Flowspec ACLs into YAML or even to YANG.

If that exists, with Ansible/Netconf/RestConf(or some similar tool), it
would be easy to delegate to Switchs doing the basic filtering that only
More expensive Routers can do by now.


P.S.: This Idea does not include(on the first moment) more complex features
of Flowspec like Redirect ou Rate-Limt.

Any suggestions or ideas?




-- 
Douglas Fernando Fischer
Engº de Controle e Automação
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200616/9aedaaeb/attachment.html>

• Previous message (by thread): Client-side information gathering tool
• Next message (by thread): BGP FLowspec to Yang/Yaml ACL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]