aboutsummaryrefslogtreecommitdiffstats
path: root/roles/space_server/files
diff options
context:
space:
mode:
authorAsbjørn Sloth Tønnesen <asbjorn@labitat.dk>2021-06-18 21:37:08 +0000
committerEmil Renner Berthing <esmil@labitat.dk>2021-06-19 11:05:58 +0200
commit76337d534a85659010385a71d09be488cdcfd112 (patch)
tree661e135c9c10adc3aa90f1856162883461b7fcbd /roles/space_server/files
parentff8ef6bdd84a5edc068069b5ff382c35e2456881 (diff)
downloadlabitat-ansible-76337d534a85659010385a71d09be488cdcfd112.tar.gz
labitat-ansible-76337d534a85659010385a71d09be488cdcfd112.tar.xz
labitat-ansible-76337d534a85659010385a71d09be488cdcfd112.zip
space_server: bird: export prefixes based on communities
We only announce a prefix, if we have recieved it from a customer connection or if we originate it our self. This way we avoid announcing prefixes matching the earlier used, prefix list if we haven't recieved it via the customer connection. This is important for multi-homed labicolo customers. Esmil: consistent brace placement
Diffstat (limited to 'roles/space_server/files')
-rw-r--r--roles/space_server/files/bird.conf15
1 files changed, 7 insertions, 8 deletions
diff --git a/roles/space_server/files/bird.conf b/roles/space_server/files/bird.conf
index 943cd6c..a893cc9 100644
--- a/roles/space_server/files/bird.conf
+++ b/roles/space_server/files/bird.conf
@@ -83,18 +83,17 @@ function is_default_route() {
return false;
}
-function is_customer_route() {
- case net.type {
- NET_IP4: if net ~ local_prefixes_v4 then return true;
- NET_IP6: if net ~ local_prefixes_v6 then return true;
- }
- return false;
+function is_propagated_route() {
+ return bgp_large_community ~ [
+ (local_asn, lc_f_type, lc_type_customer),
+ (local_asn, lc_f_type, lc_type_originate)
+ ];
}
filter kernel_export {
if source !~ [ RTS_BGP, RTS_STATIC ] then reject;
if is_default_route() then accept;
- if is_customer_route() then accept;
+ if is_propagated_route() then accept;
reject;
}
@@ -112,7 +111,7 @@ filter transit_import {
}
filter transit_export {
- if is_customer_route() then accept;
+ if is_propagated_route() then accept;
reject;
}