-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbird_head.conf
134 lines (110 loc) · 2.59 KB
/
bird_head.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
router id 10.198.2.1;
table ffwp; # BGP Peerings
table ibgp;
table icvpn; # BGP Peerings (ICVPN)
table freifunk; # Kernel table 42 (Routing from Freifunk networks)
function is_freifunk() {
return ( (net ~ [10.0.0.0/8+]) && !(net ~ [10.8.0.0/14+]) );
}
function is_dn42() {
return ( (net ~ [172.22.0.0/15+]) || (net ~ [172.20.0.0/16+]) );
}
function is_self_net() {
return (net ~ [10.198.0.0/16+]);
}
function is_self() {
return (proto = "static_ffwp");
}
filter ffwp_internal_export {
if (proto = "local_ffwp") then accept;
if (source != RTS_BGP && proto != "pipe_icvpn") then reject;
if (proto ~ "bgp_ibgp_*") then reject;
if (is_self_net()) then reject;
accept;
}
protocol pipe pipe_ffwp {
peer table ffwp;
import all;
export none;
};
protocol pipe pipe_icvpn {
table ffwp;
peer table icvpn;
export where is_self();
import all;
mode opaque;
};
protocol pipe pipe_freifunk {
peer table freifunk;
import none;
export all;
};
protocol pipe pipe_ibgp {
peer table ibgp;
import all;
export where !is_self_net();
mode opaque;
};
protocol kernel kernel_master {
scan time 20;
import none;
export filter {
krt_prefsrc = 10.198.2.1;
accept;
};
};
protocol kernel kernel_freifunk {
scan time 20;
import none;
export filter {
krt_prefsrc = 10.198.2.1;
accept;
};
table freifunk;
device routes;
kernel table 42;
};
# This pseudo-protocol watches all interface up/down events.
protocol device {
scan time 10; # Scan interfaces every 10 seconds
};
protocol static unreachable_default {
table freifunk;
route 0.0.0.0/0 reject;
};
protocol static static_ffwp {
table ffwp;
route 10.198.0.0/16 reject;
};
protocol static local_ffwp {
table ffwp;
route 10.198.0.0/18 via "br-ffwp";
};
template bgp bgp_ibgp {
table ffwp;
local as 65242;
source address 10.198.2.1; # edit: own ip of gateway
import all;
export where source = RTS_BGP;
#gateway direct;
next hop self;
};
template bgp bgp_icvpn {
local as 65242;
table icvpn;
import where ((is_freifunk() || is_dn42()) && !is_self_net());
export all;
};
# iBGP (siehe IPv6; ggf. eigenen Eintrag entfernen, falls von anderem gateway übernommen, bzw. neuen gateway )
#protocol bgp gw01 from bgp_ibgp {
# neighbor 10.198.2.1 as 65242;
#};
protocol bgp gw02 from bgp_ibgp {
neighbor 10.198.4.1 as 65242;
};
protocol bgp gw03 from bgp_ibgp {
neighbor 10.198.6.1 as 65242;
};
protocol bgp gw04 from bgp_ibgp {
neighbor 10.198.8.1 as 65242;
};