mrlesmithjr.frr
Ansible-FRR
Ansible role for installing and configuring FRRouting (FRR).
Note: FRR is a collection of routing protocols for Linux and Unix systems, including tools for BFD, BGP, OSPF, and more.
Build Status
GitHub Actions
Travis CI
Requirements
For required Ansible roles, check requirements.yml.
Role Variables
See defaults/main.yml for variable details.
Dependencies
Example Playbook
Refer to playbook.yml for an example playbook.
Route Maps and Prefix Lists
Route Maps
How to Configure Route Maps
Example configuration for Route Maps:
frr_route_map:
RTBH:
permit 10:
interface: blackhole
prefix_list: Bad_IPs
origin: igp
community: "12345:100"
src: 2001:db8::bf03
RTBH_IN:
deny 10: []
General Options
IP/IPv6 Forwarding
Example for enabling IP and IPv6 forwarding:
frr_ip_forwarding: true
frr_ipv6_forwarding: true
To customize the location for forwarding settings, use:
frr_sysctl_file: /etc/sysctl.d/100-ansible-frr.conf
Next-hop Tracking via Default Route
To enable tracking, use:
frr_nht_resolve_default: true
Prefix Lists
How to Configure Prefix Lists
Example configuration for Prefix Lists:
frr_prefix_list:
Bad_IPs:
05 permit:
prefix: 192.168.88.0/24
match: ge 32
10 permit:
prefix: 172.16.0.0/16
match: le 32
frr_prefix_list_v6:
Bad_IPs:
05 permit:
prefix: 1234:5678::/32
match: ge 128
Access Lists
How to Configure Access Lists
Example configuration for Access Lists:
frr_access_list:
- "10 permit 10.10.10.21/32"
- "10 permit 192.168.0.0/17"
- "101 permit ip 10.0.0.0 0.0.0.255 any"
Bidirectional Forwarding Detection (BFD)
Enable BFD
To enable BFD, set bfdd: true in the configuration:
frr_daemons:
bfdd: true
bgpd: false
isisd: false
ldpd: false
nhrpd: false
ospf6d: false
ospfd: false
pimd: false
ripd: false
ripngd: false
zebra: true
Configuring BFD
BFD settings can be added under BGP neighbor configurations. OSPF BFD is not supported currently.
Supported Routing Protocols
| Protocol | Implemented | Notes |
|---|---|---|
| BGP | Yes | Initial config only |
| OSPF | Yes | Initial config only |
| STATIC | Yes | Initial config only |
BGP
Enable BGP
To enable BGP, set bgpd: true in the configuration:
frr_daemons:
bfdd: false
bgpd: true
isisd: false
ldpd: false
nhrpd: false
ospf6d: false
ospfd: false
pimd: false
ripd: false
ripngd: false
zebra: true
Configuring BGP
Here’s how to configure BGP:
frr_bgp:
asns:
65000:
log_neighbor_changes: true
neighbors:
192.168.250.11:
asn: 65000
... # other settings here
Example BGP Configuration
Example BGP configuration:
frr_bgp:
asns:
65000:
neighbors:
192.168.250.11:
description: node1
...
OSPF
Enable OSPF
To enable OSPF, set ospfd: true:
frr_daemons:
bfdd: false
bgpd: false
isisd: false
ldpd: false
nhrpd: false
ospf6d: false
ospfd: true
pimd: false
ripd: false
ripngd: false
zebra: true
Configuring OSPF
Example OSPF configuration:
frr_ospf:
areas:
0:
networks:
- "{{ frr_router_id }}/32"
STATIC
How to Configure STATIC Routes
Example configuration for static routes:
frr_static:
10.0.0.0/8: 192.168.1.1
Interface Configuration
Interfaces Example
Define interfaces as shown:
frr_interfaces:
lo:
ip: 10.0.0.0/32
Note: Ensure the correct VRF assignment with the command:
ip link set dev ${IFACE} master ${VRF}
Upgrade/Downgrade
Note: Upgrading or downgrading FRR is limited. To set the version, modify
frr_version: 6.0.2orfrr_version: 6.0.
Quagga Configuration
Note: Quagga must be installed from the OS’s local repositories.
To configure Quagga instead of FRR:
routing_type: quagga
License
MIT License
Author Information
Larry Smith Jr.
Note: This repository was created/updated using cookiecutter-ansible-role as a template.
Ansible role to install/configure [FRR](https://frrouting.org/)
ansible-galaxy install mrlesmithjr.frr