BGP FLowspec to Yang/Yaml ACL
Douglas Fischer
fischerdouglas at gmail.com
Tue Jun 16 18:39:33 UTC 2020
We were looking for some way to implement BGP Flowspec Filtering(just the
permit/deny basic) using L3 switches in an automated way.
Searching a bit we found https://github.com/ios-xr/bgpfs2acl
Is almost what we are looking for!
But is focused on Cisco devices.
We even considered fork it to our specific vendor.
But before reinventing the wheel, I decide to ask to colleagues if anybody
knows some tool that converts BGP Flowspec ACLs into YAML or even to YANG.
If that exists, with Ansible/Netconf/RestConf(or some similar tool), it
would be easy to delegate to Switchs doing the basic filtering that only
More expensive Routers can do by now.
P.S.: This Idea does not include(on the first moment) more complex features
of Flowspec like Redirect ou Rate-Limt.
Any suggestions or ideas?
--
Douglas Fernando Fischer
Engº de Controle e Automação
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200616/9aedaaeb/attachment.html>
More information about the NANOG
mailing list