diff options
author | Hafnium <haf@hafnium.me> | 2021-06-17 23:25:46 +0200 |
---|---|---|
committer | Emil Renner Berthing <esmil@labitat.dk> | 2021-06-17 23:46:43 +0200 |
commit | 597b4122c5428db223e736ad66b9bf2a7dff3fd3 (patch) | |
tree | bc902fbb99de74f8246adb13cc5973024b11294d /roles/space_server/files | |
parent | 3484a1ec6e022b17288884e0d6337000abe9585f (diff) | |
download | labitat-ansible-597b4122c5428db223e736ad66b9bf2a7dff3fd3.tar.gz labitat-ansible-597b4122c5428db223e736ad66b9bf2a7dff3fd3.tar.xz labitat-ansible-597b4122c5428db223e736ad66b9bf2a7dff3fd3.zip |
space_server: bird: add bgp peering for Hafnium/AS211153
Commit message and nftables rule fixed up by Esmil
Diffstat (limited to 'roles/space_server/files')
-rw-r--r-- | roles/space_server/files/bird.conf | 18 | ||||
-rw-r--r-- | roles/space_server/files/nftables.conf | 1 |
2 files changed, 19 insertions, 0 deletions
diff --git a/roles/space_server/files/bird.conf b/roles/space_server/files/bird.conf index a733e05..f2e75aa 100644 --- a/roles/space_server/files/bird.conf +++ b/roles/space_server/files/bird.conf @@ -22,6 +22,7 @@ define local_asn = 205235; define fiberby_asn = 42541; define asbjorn_asn = 207727; define graffen_asn = 209616; +define hafnium_asn = 211153; define local_prefixes_v4 = [ 185.38.175.0/24, @@ -54,6 +55,10 @@ define graffen_prefixes_v6 = [ 2001:678:15c::/48 ]; +define hafnium_prefixes_v6 = [ + 2a0e:8f02:f034::/48 +]; + # functions and filters function is_default_route() { @@ -264,3 +269,16 @@ protocol bgp graffen_ipv6 from bgp_customer { export filter { customer_export_and_default(); }; }; } + +# BGP customer: hafnium +protocol bgp hafnium_ipv6 from bgp_customer { + local 2a01:4262:1ab:20::1 as local_asn; + neighbor 2a01:4262:1ab:20::81 as hafnium_asn; + ipv6 { + import limit 10 action block; + receive limit 20 action disable; + import keep filtered on; + import filter { customer_import(hafnium_asn, hafnium_prefixes_v6); }; + export filter { customer_export_and_default(); }; + }; +} diff --git a/roles/space_server/files/nftables.conf b/roles/space_server/files/nftables.conf index 3375826..30cda74 100644 --- a/roles/space_server/files/nftables.conf +++ b/roles/space_server/files/nftables.conf @@ -57,6 +57,7 @@ define colo_net6 = { 2a01:4262:1ab:1100::/60, # Asbjorn 2a01:4262:1ab:1110::/60, # Esmil 2001:678:15c::/48, # graffen + 2a0e:8f02:f034::/48 # Hafnium } define avahi_ifs = { $wire_if, $priv_if, $pass_if } |