From 597b4122c5428db223e736ad66b9bf2a7dff3fd3 Mon Sep 17 00:00:00 2001 From: Hafnium Date: Thu, 17 Jun 2021 23:25:46 +0200 Subject: space_server: bird: add bgp peering for Hafnium/AS211153 Commit message and nftables rule fixed up by Esmil --- roles/space_server/files/bird.conf | 18 ++++++++++++++++++ roles/space_server/files/nftables.conf | 1 + 2 files changed, 19 insertions(+) diff --git a/roles/space_server/files/bird.conf b/roles/space_server/files/bird.conf index a733e05..f2e75aa 100644 --- a/roles/space_server/files/bird.conf +++ b/roles/space_server/files/bird.conf @@ -22,6 +22,7 @@ define local_asn = 205235; define fiberby_asn = 42541; define asbjorn_asn = 207727; define graffen_asn = 209616; +define hafnium_asn = 211153; define local_prefixes_v4 = [ 185.38.175.0/24, @@ -54,6 +55,10 @@ define graffen_prefixes_v6 = [ 2001:678:15c::/48 ]; +define hafnium_prefixes_v6 = [ + 2a0e:8f02:f034::/48 +]; + # functions and filters function is_default_route() { @@ -264,3 +269,16 @@ protocol bgp graffen_ipv6 from bgp_customer { export filter { customer_export_and_default(); }; }; } + +# BGP customer: hafnium +protocol bgp hafnium_ipv6 from bgp_customer { + local 2a01:4262:1ab:20::1 as local_asn; + neighbor 2a01:4262:1ab:20::81 as hafnium_asn; + ipv6 { + import limit 10 action block; + receive limit 20 action disable; + import keep filtered on; + import filter { customer_import(hafnium_asn, hafnium_prefixes_v6); }; + export filter { customer_export_and_default(); }; + }; +} diff --git a/roles/space_server/files/nftables.conf b/roles/space_server/files/nftables.conf index 3375826..30cda74 100644 --- a/roles/space_server/files/nftables.conf +++ b/roles/space_server/files/nftables.conf @@ -57,6 +57,7 @@ define colo_net6 = { 2a01:4262:1ab:1100::/60, # Asbjorn 2a01:4262:1ab:1110::/60, # Esmil 2001:678:15c::/48, # graffen + 2a0e:8f02:f034::/48 # Hafnium } define avahi_ifs = { $wire_if, $priv_if, $pass_if } -- cgit v1.2.1