From bdd181e7365910f397763a4ae8a8acf1dc79dc3e Mon Sep 17 00:00:00 2001 From: Simon Marsh Date: Sun, 27 Jan 2019 14:15:43 +0000 Subject: [PATCH] Server configuration and bird2 example client --- examples/bird2/multiprotocol_client.conf | 36 ++++++ server/bird/bird.conf | 152 +++++++++++++++++++++++ 2 files changed, 188 insertions(+) create mode 100644 examples/bird2/multiprotocol_client.conf create mode 100644 server/bird/bird.conf diff --git a/examples/bird2/multiprotocol_client.conf b/examples/bird2/multiprotocol_client.conf new file mode 100644 index 0000000..38531ee --- /dev/null +++ b/examples/bird2/multiprotocol_client.conf @@ -0,0 +1,36 @@ +########################################################################## +# +# Bird2 Multiprotocol Route Collector Client Example +# +########################################################################## + +protocol bgp ROUTE_COLLECTOR +{ + local as ***YOUR_AS***; + + neighbor fd42:4242:2601:ac12::1 as 4242422601; + multihop; + + ipv4 { + + # import nothing, export everything + import none; + export all; + + # export multiple paths to same destination + add paths tx; + }; + + ipv6 { + + # import nothing, export everything + import none; + export all; + + # export multiple paths to same destination + add paths tx; + }; +} + +########################################################################## +# end of file \ No newline at end of file diff --git a/server/bird/bird.conf b/server/bird/bird.conf new file mode 100644 index 0000000..6c4071b --- /dev/null +++ b/server/bird/bird.conf @@ -0,0 +1,152 @@ +########################################################################## +# +# BIRD2 Route Collector Configuration +# +########################################################################## + +# route collector AS +define GRC_AS = 4242422601; + +# router ID +router id 172.20.129.165; + +# logging options +log syslog all; + +# enable internal watchdog +watchdog warning 5 s; +watchdog timeout 30 s; + +# set timeformat for bird_exporter +timeformat protocol iso long; + +########################################################################## +# ignore interface up/down events + +protocol device { } + +########################################################################## +# import filters + +# IPv4 import filter +filter rc_peer_import4 +{ + # only accept valid DN42 networks + # https://git.dn42.us/dn42/registry/src/master/data/filter.txt + + if net ~ [ + + 172.20.0.0/14{21,29}, # dn42 + 172.20.0.0/24{28,32}, # dn42 Anycast + 172.21.0.0/24{28,32}, # dn42 Anycast + 172.22.0.0/24{28,32}, # dn42 Anycast + 172.23.0.0/24{28,32}, # dn42 Anycast + 172.31.0.0/16+, # ChaosVPN + 10.100.0.0/14+, # ChaosVPN + 10.0.0.0/8{15,24} # Freifunk.net + + ] then accept; + + # reject anything else + reject; +} + +# IPv6 import filter +filter rc_peer_import6 +{ + # only accept valid DN42 networks + # https://git.dn42.us/dn42/registry/src/master/data/filter6.txt + + if net ~ [ + + fd00::/8{44,64} + + ] then accept; + + # reject anything else + reject; +} + +########################################################################## +# peer templates + +# IPv4 only peer +template bgp RC_PEER4 { + + local as GRC_AS; + multihop; + + ipv4 { + import keep filtered; + import limit 10000 action block; + + # accept multiple routes for same desgination + add paths rx; + + # import valid DN42 routes, export nothing + import filter rc_peer_import4; + export none; + }; + +} + +# IPv6 only peer +template bgp RC_PEER6 { + + local as GRC_AS; + multihop; + + ipv6 { + import keep filtered; + import limit 10000 action block; + + # accept multiple routes for same desgination + add paths rx; + + # import valid DN42 routes, export nothing + import filter rc_peer_import6; + export none; + }; + +} + + +# Combined multiprotocol peer +template bgp RC_MULTIPEER { + + local as GRC_AS; + multihop; + + ipv4 { + import keep filtered; + import limit 10000 action block; + + # accept multiple routes for same desgination + add paths rx; + + # import valid DN42 routes, export nothing + import filter rc_peer_import4; + export none; + }; + + ipv6 { + import keep filtered; + import limit 10000 action block; + + # accept multiple routes for same desgination + add paths rx; + + # import valid DN42 routes, export nothing + import filter rc_peer_import6; + export none; + }; + +} + +########################################################################## +# include peer definitions + +include "/etc/bird/peers/*.conf"; + +########################################################################## +# end of file