burble.dn42/grc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Server configuration and bird2 example client

Browse Source
This commit is contained in:
Simon Marsh 2019-01-27 14:15:43 +00:00
parent 1c99313350
commit bdd181e736
Signed by: burble
GPG Key ID: 7B9FE8780CFB6593
2 changed files with 188 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
examples/bird2/multiprotocol_client.conf Normal file
View File

@ -0,0 +1,36 @@
##########################################################################
#
# Bird2 Multiprotocol Route Collector Client Example
#
##########################################################################
protocol bgp ROUTE_COLLECTOR
{
local as ***YOUR_AS***;
neighbor fd42:4242:2601:ac12::1 as 4242422601;
multihop;
ipv4 {
# import nothing, export everything
import none;
export all;
# export multiple paths to same destination
add paths tx;
};
ipv6 {
# import nothing, export everything
import none;
export all;
# export multiple paths to same destination
add paths tx;
};
}
##########################################################################
# end of file

152
server/bird/bird.conf Normal file
View File

@ -0,0 +1,152 @@
##########################################################################
#
# BIRD2 Route Collector Configuration
#
##########################################################################
# route collector AS
define GRC_AS = 4242422601;
# router ID
router id 172.20.129.165;
# logging options
log syslog all;
# enable internal watchdog
watchdog warning 5 s;
watchdog timeout 30 s;
# set timeformat for bird_exporter
timeformat protocol iso long;
##########################################################################
# ignore interface up/down events
protocol device { }
##########################################################################
# import filters
# IPv4 import filter
filter rc_peer_import4
{
# only accept valid DN42 networks
# https://git.dn42.us/dn42/registry/src/master/data/filter.txt
if net ~ [
172.20.0.0/14{21,29}, # dn42
172.20.0.0/24{28,32}, # dn42 Anycast
172.21.0.0/24{28,32}, # dn42 Anycast
172.22.0.0/24{28,32}, # dn42 Anycast
172.23.0.0/24{28,32}, # dn42 Anycast
172.31.0.0/16+, # ChaosVPN
10.100.0.0/14+, # ChaosVPN
10.0.0.0/8{15,24} # Freifunk.net
] then accept;
# reject anything else
reject;
}
# IPv6 import filter
filter rc_peer_import6
{
# only accept valid DN42 networks
# https://git.dn42.us/dn42/registry/src/master/data/filter6.txt
if net ~ [
fd00::/8{44,64}
] then accept;
# reject anything else
reject;
}
##########################################################################
# peer templates
# IPv4 only peer
template bgp RC_PEER4 {
local as GRC_AS;
multihop;
ipv4 {
import keep filtered;
import limit 10000 action block;
# accept multiple routes for same desgination
add paths rx;
# import valid DN42 routes, export nothing
import filter rc_peer_import4;
export none;
};
}
# IPv6 only peer
template bgp RC_PEER6 {
local as GRC_AS;
multihop;
ipv6 {
import keep filtered;
import limit 10000 action block;
# accept multiple routes for same desgination
add paths rx;
# import valid DN42 routes, export nothing
import filter rc_peer_import6;
export none;
};
}
# Combined multiprotocol peer
template bgp RC_MULTIPEER {
local as GRC_AS;
multihop;
ipv4 {
import keep filtered;
import limit 10000 action block;
# accept multiple routes for same desgination
add paths rx;
# import valid DN42 routes, export nothing
import filter rc_peer_import4;
export none;
};
ipv6 {
import keep filtered;
import limit 10000 action block;
# accept multiple routes for same desgination
add paths rx;
# import valid DN42 routes, export nothing
import filter rc_peer_import6;
export none;
};
}
##########################################################################
# include peer definitions
include "/etc/bird/peers/*.conf";
##########################################################################
# end of file