space_server: bird: add bgp peering for Hafnium/AS211153

Commit message and nftables rule fixed up by Esmil

2 files changed, 19 insertions, 0 deletions

diff --git a/roles/space_server/files/bird.conf b/roles/space_server/files/bird.conf
index a733e05..f2e75aa 100644
--- a/roles/space_server/files/bird.conf
+++ b/roles/space_server/files/bird.conf
@@ -22,6 +22,7 @@ define local_asn   = 205235;
 define fiberby_asn = 42541;
 define asbjorn_asn = 207727;
 define graffen_asn = 209616;
+define hafnium_asn = 211153;
 
 define local_prefixes_v4 = [
 	185.38.175.0/24,
@@ -54,6 +55,10 @@ define graffen_prefixes_v6 = [
 	2001:678:15c::/48
 ];
 
+define hafnium_prefixes_v6 = [
+	2a0e:8f02:f034::/48
+];
+
 # functions and filters
 
 function is_default_route() {
@@ -264,3 +269,16 @@ protocol bgp graffen_ipv6 from bgp_customer {
 		export filter { customer_export_and_default(); };
 	};
 }
+
+# BGP customer: hafnium
+protocol bgp hafnium_ipv6 from bgp_customer {
+	local 2a01:4262:1ab:20::1 as local_asn;
+	neighbor 2a01:4262:1ab:20::81 as hafnium_asn;
+	ipv6 {
+		import limit 10 action block;
+		receive limit 20 action disable;
+		import keep filtered on;
+		import filter { customer_import(hafnium_asn, hafnium_prefixes_v6); };
+		export filter { customer_export_and_default(); };
+	};
+}
diff --git a/roles/space_server/files/nftables.conf b/roles/space_server/files/nftables.conf
index 3375826..30cda74 100644
--- a/roles/space_server/files/nftables.conf
+++ b/roles/space_server/files/nftables.conf
@@ -57,6 +57,7 @@ define colo_net6 = {
 	2a01:4262:1ab:1100::/60, # Asbjorn
 	2a01:4262:1ab:1110::/60, # Esmil
 	2001:678:15c::/48, # graffen
+	2a0e:8f02:f034::/48 # Hafnium
 }
 
 define avahi_ifs = { $wire_if, $priv_if, $pass_if }