zhongwei/gh-phaezer-claude-mkt-plugins-networking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
gh-phaezer-claude-mkt-plugi…/commands/generate-frr-config.md
Zhongwei Li 57a131c6fd Initial commit
2025-11-30 08:47:18 +08:00

7.6 KiB
Raw Permalink Blame History

description, argument-hint
description argument-hint
Generate FRRouting configuration files Optional routing requirements

You are initiating FRR configuration generation using a structured workflow to create production-ready FRRouting configuration files.

Workflow Steps

1. Gather Requirements

If the user provides specific requirements in their message, use those directly. Otherwise, ask the user for:

Required Information:

  • Routing protocols needed (BGP, OSPF, IS-IS, RIP, static routes, etc.)
  • Router ID (e.g., 10.0.0.1)
  • Network type (data center leaf-spine, campus core, WAN edge, etc.)

Protocol-Specific Information:

For BGP:

  • Local ASN (e.g., 65001)
  • Neighbor details (IP addresses, remote ASNs)
  • Address families (IPv4 unicast, IPv6 unicast, EVPN, etc.)
  • Route filtering requirements (prefix lists, route maps)
  • BGP authentication (MD5 passwords)
  • Communities and AS-path filtering

For OSPF:

  • OSPF process ID
  • Area design (area 0 backbone, additional areas)
  • Network statements
  • Interface costs and priorities
  • Authentication (if needed)
  • Area types (stub, NSSA, etc.)

For IS-IS:

  • NET address
  • Level design (Level 1, Level 2, or both)
  • Interface metrics
  • Authentication

For BFD:

  • BFD parameters for fast failure detection
  • Target protocols (BGP, OSPF, IS-IS)

Additional Requirements:

  • Static routes needed
  • Route redistribution between protocols
  • Access lists or prefix lists
  • VRF configurations (if multi-tenancy needed)
  • Authentication requirements
  • Specific routing policies

2. Launch frr-config-generator Agent

Use the Task tool to launch the frr-config-generator agent with a detailed prompt containing:

Generate FRR configuration files for the following requirements:

[Insert gathered requirements here with all details]

Please provide:
1. Complete /etc/frr/daemons file
2. Complete /etc/frr/frr.conf configuration
3. Any additional configuration files needed
4. Step-by-step deployment procedure
5. Validation commands to verify the configuration
6. Troubleshooting commands
7. Rollback procedure

3. Review Generated Configuration

When the agent returns the configuration, review it for:

  • Correct syntax for FRR version
  • Proper routing protocol configuration
  • Complete authentication settings
  • Required route filtering
  • Appropriate logging configuration
  • Documentation and comments

4. Validate Configuration Syntax

Provide the user with validation commands they should run:

# Validate FRR configuration syntax
sudo vtysh -c "show running-config" --dry-run

# Check for configuration errors
sudo vtysh -f /etc/frr/frr.conf --dry-run

# Verify daemons file
cat /etc/frr/daemons | grep "yes"

5. Present Deployment Procedure

Ensure the generated configuration includes a safe deployment procedure:

  1. Backup current configuration

    sudo cp /etc/frr/frr.conf /etc/frr/frr.conf.backup.$(date +%Y%m%d_%H%M%S)
sudo cp /etc/frr/daemons /etc/frr/daemons.backup.$(date +%Y%m%d_%H%M%S)

  2. Deploy new configuration

    # Copy new daemons file
sudo cp daemons /etc/frr/daemons

# Copy new configuration
sudo cp frr.conf /etc/frr/frr.conf

# Set correct permissions
sudo chown frr:frr /etc/frr/frr.conf
sudo chmod 640 /etc/frr/frr.conf

  3. Restart FRR services

    # Restart FRR
sudo systemctl restart frr

# Check service status
sudo systemctl status frr

  4. Verify configuration

    # Enter vtysh
sudo vtysh

# Show running configuration
show running-config

# Show protocol-specific status
show ip bgp summary           # For BGP
show ip ospf neighbor         # For OSPF
show isis neighbor            # For IS-IS
show ip route                 # Routing table

6. Provide Validation Commands

Include comprehensive validation commands for each configured protocol:

BGP Validation:

# Check BGP summary
show ip bgp summary

# Check BGP neighbors
show ip bgp neighbors

# Check received/advertised routes
show ip bgp neighbors <neighbor-ip> routes
show ip bgp neighbors <neighbor-ip> advertised-routes

# Check BGP communities
show ip bgp community

OSPF Validation:

# Check OSPF neighbors
show ip ospf neighbor

# Check OSPF database
show ip ospf database

# Check OSPF interfaces
show ip ospf interface

# Check OSPF routes
show ip route ospf

IS-IS Validation:

# Check IS-IS neighbors
show isis neighbor

# Check IS-IS database
show isis database

# Check IS-IS topology
show isis topology

BFD Validation:

# Check BFD peers
show bfd peers

# Check BFD peer details
show bfd peer <neighbor-ip>

7. Include Troubleshooting Commands

Provide troubleshooting commands for common issues:

# Check FRR daemon status
sudo systemctl status frr

# View FRR logs
sudo journalctl -u frr -f

# Check for configuration errors
sudo vtysh -c "show logging"

# Debug BGP
debug bgp updates
debug bgp neighbor-events

# Debug OSPF
debug ospf events
debug ospf packet all

# Clear BGP sessions (use with caution)
clear ip bgp *
clear ip bgp <neighbor-ip>

8. Document Rollback Procedure

Ensure rollback procedure is clearly documented:

# Stop FRR
sudo systemctl stop frr

# Restore backup configuration
sudo cp /etc/frr/frr.conf.backup.YYYYMMDD_HHMMSS /etc/frr/frr.conf
sudo cp /etc/frr/daemons.backup.YYYYMMDD_HHMMSS /etc/frr/daemons

# Restart FRR
sudo systemctl start frr

# Verify rollback
sudo vtysh -c "show running-config"

Best Practices

When generating FRR configurations:

  1. Security First

    • Always use authentication for routing protocols
    • Implement prefix filtering on BGP sessions
    • Use MD5 authentication for BGP neighbors
    • Limit administrative access with ACLs

  2. Routing Protocol Selection

    • BGP: For data center fabrics, WAN, and internet connectivity
    • OSPF: For campus networks and enterprise routing
    • IS-IS: For large service provider networks
    • Static routes: For simple scenarios or specific routing needs

  3. High Availability

    • Configure BFD for fast failure detection
    • Use multiple BGP sessions for redundancy
    • Implement proper OSPF area design
    • Configure appropriate route summarization

  4. Operational Excellence

    • Include comprehensive logging
    • Document all routing policies
    • Use descriptive neighbor names
    • Maintain configuration version control
    • Test in non-production first

  5. Performance Optimization

    • Configure appropriate timers
    • Use route summarization
    • Implement route dampening for BGP
    • Optimize prefix limits

Common Scenarios

Data Center Leaf-Spine BGP

  • Use BGP with eBGP for underlay
  • Implement EVPN for overlay
  • Configure BFD for fast convergence
  • Use route reflectors for scaling

Campus OSPF Network

  • Design multi-area OSPF
  • Use area 0 as backbone
  • Implement stub areas where appropriate
  • Configure OSPF authentication

Internet Edge BGP

  • Implement comprehensive prefix filtering
  • Configure BGP communities
  • Use local preference and MED
  • Implement route dampening
  • Filter bogon prefixes

Notes

  • FRR configuration uses vtysh CLI syntax similar to industry-standard routing platforms
  • Configuration can be managed via /etc/frr/frr.conf or through vtysh interactive CLI
  • Always test routing changes in non-production environments first
  • Monitor routing protocol convergence during changes
  • Keep backup configurations for quick rollback

Example Task Invocation

generate-frr-config I need BGP configuration for a data center leaf switch with ASN 65001, two spine neighbors (192.168.1.1 AS 65100 and 192.168.1.2 AS 65100), advertising loopback 10.0.0.1/32 and local networks 10.10.0.0/24
Reference in New Issue View Git Blame Copy Permalink