RARE user and assistance email list

[Frédéric LOUI <>]

Hi Preeti,

Welcome on board !

1. server telnet <vrf_name>
In freeRtr you have the concept of a « server". In your question you are 
mentioning « telnet » server which is server use to provide CLI access to 
freeRtr into a specific VRF.
Each server has some properties. Access-class for example give the operator 
to bind an IPv4/IPv6 ACL so that you can filter which IPv4/IPv6 can access 
freeRtr.
Now that being said, telnet server has also a property called: interface:

server telnet MY_SERVER
 security protocol ssh
 security authentication usr
 security rsakey MY_FREERTR_rsakey
 security dsakey MY_FREERTR_dsakey
 security ecdsakey MY_FREERTR_ecdsakey
 port 22
 no exec authorization
 no login authentication
 interface sdn1
 vrf inet
 exit

In the example above the remote CLI access is bound to sdn1 interface.
i.e if you try to connect the router using sdn2 IP -> it will fail.

One should note also that the example above provide a remote access via SSH 
using port 22. (Also declaration in the config of SSH host key MY_FREERTR_* )
For the purist telnet server is then not only telnet daemon. Please see 
freertr « telnet » as a remote CLI access as in JUNOS and IOS/IOSXR.

In your example, all interfaces bind into p4 VRF is allowed.
However, if you look at the config there is no interface bind to VRF p4.

The only object in P4 VRF is the "p4lang server p4"

Therefore in that special case only, the access is possible only if you land 
into Linux either via BMC or P4 switch main board CPU.

A non exhaustive list of server can be found here below: (click on server tab)
http://docs.freertr.org/guides/reference/tabbed/

 
> 
> So do you think any alternate solution to add both ACLs?
2. Basically you create _ONE_ ACL that has both IPv4 and IPv6 rules.

Example:
access-list ACL_MY_FREERTR_ACCESS
sequence 5 permit all 195.111.95.0 255.255.255.224 all any all
sequence 50 permit all FD01:DEAD:BEEF:CC1E:: ffff:ffff:ffff:ffff:: all any all

> How to create a port channel/LAG in FREERTR/rare?

3. You can have documentation here below:
https://wiki.geant.org/display/RARE/Dataplane+specific+feature+list

And ctrl+f -> bundle

And normally you should land here:
http://sources.freertr.org/cfg/p4lang-acl09.tst

The documentation is being reworked and docs.freertr.org could not have p4 
dataplane test documentation.

Other than that freeRtr with pure software forwarder the test case is here:
http://docs.freertr.org/guides/reference/md/conn-bundle01.tst/

Please have a look at this test case. 

If not sufficient we can have a super short VC :)

Feel free to reach us as soon as you are stuck via the mailing list.

All the best
Frederic


> Le 30 janv. 2023 à 19:17, Bhat, Preeti P. <> a écrit :
> 
> Hi All,
> 
> I have a couple of FREERTR/RARE switches and I am configuring them. I have 
> come across a few challenges and I am unable to find a document relevant to 
> my queries. 
> 
> Could you please provide me with the information related to the following 
> queries?
> 
>       • I ran a show running-config command and looked for the server 
> telnet configuration. I got the following detail.  What is the p4 and 
> use-case?<image.png>
>       •  I have created 2 ACLs, 1 for ip4 and 1 for ipv6. I can not add 
> both ACLs to the server telnet oob. In the case of the dell switch, 1 vty 
> line can be added to ipv6 and the rest for ipv4. So do you think any 
> alternate solution to add both ACLs?
> 
>       • How to create a port channel/LAG in FREERTR/rare?
> 
> Many Thanks,
> Preeti Bhat