exit, firewall: don’t hardcode prefix length

2024-07-10 16:57:08 +02:00 · 2024-07-10 16:57:08 +02:00 · bb41d406f8
parent 2327b42412
commit bb41d406f8
2 changed files with 4 additions and 4 deletions
--- a/roles/exit/templates/frr.conf.j2
+++ b/roles/exit/templates/frr.conf.j2
@ -217,9 +217,9 @@ ipv6 prefix-list fabric permit 2001:1470:fffd:3400::/64 ge 128
    | selectattr('vrf.id', 'in', inside_vrfs|map(attribute='id'))
    | sort(attribute='family.value') | sort(attribute='vlan.vid') %}
 {% if prefix.family.value == 4 %}
-ip prefix-list office permit {{ prefix.prefix }} ge 24
+ip prefix-list office permit {{ prefix.prefix }} ge {{ prefix.prefix | ipaddr('prefix') }}
 {% else %}
-ipv6 prefix-list office permit {{ prefix.prefix }} ge 64
+ipv6 prefix-list office permit {{ prefix.prefix }} ge {{ prefix.prefix | ipaddr('prefix') }}
 {% endif %}
 {% endfor %}

--- a/roles/firewall/templates/frr.conf.j2
+++ b/roles/firewall/templates/frr.conf.j2
@ -85,9 +85,9 @@ ip prefix-list fabric permit 10.34.0.0/24 ge 32
 {% for prefix in vrf_prefixes | rejectattr('vrf.name', '==', 'outside')
    | sort(attribute='family.value') %}
 {% if prefix.family.value == 4 %}
-ip prefix-list office permit {{ prefix.prefix }} ge 24
+ip prefix-list office permit {{ prefix.prefix }} ge {{ prefix.prefix | ipaddr('prefix') }}
 {% elif prefix.family.value == 6 %}
-ipv6 prefix-list office permit {{ prefix.prefix }} ge 64
+ipv6 prefix-list office permit {{ prefix.prefix }} ge {{ prefix.prefix | ipaddr('prefix') }}
 {% endif %}
 {% endfor %}