diff options
author | Asbjørn Sloth Tønnesen <asbjorn@labitat.dk> | 2021-06-18 21:37:08 +0000 |
---|---|---|
committer | Emil Renner Berthing <esmil@labitat.dk> | 2021-06-19 11:05:58 +0200 |
commit | 76337d534a85659010385a71d09be488cdcfd112 (patch) | |
tree | 661e135c9c10adc3aa90f1856162883461b7fcbd /roles | |
parent | ff8ef6bdd84a5edc068069b5ff382c35e2456881 (diff) | |
download | labitat-ansible-76337d534a85659010385a71d09be488cdcfd112.tar.gz labitat-ansible-76337d534a85659010385a71d09be488cdcfd112.tar.xz labitat-ansible-76337d534a85659010385a71d09be488cdcfd112.zip |
space_server: bird: export prefixes based on communities
We only announce a prefix, if we have recieved it from a customer
connection or if we originate it our self.
This way we avoid announcing prefixes matching the earlier used,
prefix list if we haven't recieved it via the customer connection.
This is important for multi-homed labicolo customers.
Esmil: consistent brace placement
Diffstat (limited to 'roles')
-rw-r--r-- | roles/space_server/files/bird.conf | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/roles/space_server/files/bird.conf b/roles/space_server/files/bird.conf index 943cd6c..a893cc9 100644 --- a/roles/space_server/files/bird.conf +++ b/roles/space_server/files/bird.conf @@ -83,18 +83,17 @@ function is_default_route() { return false; } -function is_customer_route() { - case net.type { - NET_IP4: if net ~ local_prefixes_v4 then return true; - NET_IP6: if net ~ local_prefixes_v6 then return true; - } - return false; +function is_propagated_route() { + return bgp_large_community ~ [ + (local_asn, lc_f_type, lc_type_customer), + (local_asn, lc_f_type, lc_type_originate) + ]; } filter kernel_export { if source !~ [ RTS_BGP, RTS_STATIC ] then reject; if is_default_route() then accept; - if is_customer_route() then accept; + if is_propagated_route() then accept; reject; } @@ -112,7 +111,7 @@ filter transit_import { } filter transit_export { - if is_customer_route() then accept; + if is_propagated_route() then accept; reject; } |