From e8cdba85c48dcbbd42e6fcb5be3aa2912008cb84 Mon Sep 17 00:00:00 2001 From: Emil Renner Berthing Date: Tue, 7 Nov 2017 16:27:49 +0100 Subject: initial commit --- roles/space_server/files/bird/bird.conf | 7 +++++++ roles/space_server/files/bird/bird6.conf | 7 +++++++ roles/space_server/files/bird/filter.conf | 31 ++++++++++++++++++++++++++++ roles/space_server/files/bird/peers4.conf | 11 ++++++++++ roles/space_server/files/bird/peers6.conf | 11 ++++++++++ roles/space_server/files/bird/protocols.conf | 15 ++++++++++++++ roles/space_server/files/bird/symbol4.conf | 5 +++++ roles/space_server/files/bird/symbol6.conf | 5 +++++ roles/space_server/files/bird/templates.conf | 18 ++++++++++++++++ 9 files changed, 110 insertions(+) create mode 100644 roles/space_server/files/bird/bird.conf create mode 100644 roles/space_server/files/bird/bird6.conf create mode 100644 roles/space_server/files/bird/filter.conf create mode 100644 roles/space_server/files/bird/peers4.conf create mode 100644 roles/space_server/files/bird/peers6.conf create mode 100644 roles/space_server/files/bird/protocols.conf create mode 100644 roles/space_server/files/bird/symbol4.conf create mode 100644 roles/space_server/files/bird/symbol6.conf create mode 100644 roles/space_server/files/bird/templates.conf (limited to 'roles/space_server/files/bird') diff --git a/roles/space_server/files/bird/bird.conf b/roles/space_server/files/bird/bird.conf new file mode 100644 index 0000000..2ae72f0 --- /dev/null +++ b/roles/space_server/files/bird/bird.conf @@ -0,0 +1,7 @@ +router id 185.38.175.0; + +include "bird/symbol4.conf"; +include "bird/filter.conf"; +include "bird/protocols.conf"; +include "bird/templates.conf"; +include "bird/peers4.conf"; diff --git a/roles/space_server/files/bird/bird6.conf b/roles/space_server/files/bird/bird6.conf new file mode 100644 index 0000000..91b5405 --- /dev/null +++ b/roles/space_server/files/bird/bird6.conf @@ -0,0 +1,7 @@ +router id 185.38.175.0; + +include "bird/symbol6.conf"; +include "bird/filter.conf"; +include "bird/protocols.conf"; +include "bird/templates.conf"; +include "bird/peers6.conf"; diff --git a/roles/space_server/files/bird/filter.conf b/roles/space_server/files/bird/filter.conf new file mode 100644 index 0000000..3edc053 --- /dev/null +++ b/roles/space_server/files/bird/filter.conf @@ -0,0 +1,31 @@ +function accept_default_route() +{ + if net = DEFAULT_ROUTE then { + accept; + } +} + +function accept_prefixes(prefix set prefixes) +{ + if net ~ prefixes then { + accept; + } +} + +filter fallback_filter { + reject "WARNING!! no filter set, all routes will be rejected"; +} + +filter transit_import +{ + accept_default_route(); + + reject; +} + +filter transit_export +{ + accept_prefixes(LABITAT_PREFIXES); + + reject; +} diff --git a/roles/space_server/files/bird/peers4.conf b/roles/space_server/files/bird/peers4.conf new file mode 100644 index 0000000..6f0cc96 --- /dev/null +++ b/roles/space_server/files/bird/peers4.conf @@ -0,0 +1,11 @@ +template bgp fiberby from bgp_transit { +} + +protocol bgp fiberby_tgc from fiberby { + preference 90; + neighbor 193.106.167.41 as 42541; +} + +protocol bgp fiberby_inx from fiberby { + neighbor 193.106.167.42 as 42541; +} diff --git a/roles/space_server/files/bird/peers6.conf b/roles/space_server/files/bird/peers6.conf new file mode 100644 index 0000000..ee1fbfe --- /dev/null +++ b/roles/space_server/files/bird/peers6.conf @@ -0,0 +1,11 @@ +template bgp fiberby from bgp_transit { +} + +protocol bgp fiberby_tgc from fiberby { + preference 90; + neighbor 2a03:5440:1:2935:1ab::1 as 42541; +} + +protocol bgp fiberby_inx from fiberby { + neighbor 2a03:5440:1:2935:1ab::2 as 42541; +} diff --git a/roles/space_server/files/bird/protocols.conf b/roles/space_server/files/bird/protocols.conf new file mode 100644 index 0000000..b84c6ac --- /dev/null +++ b/roles/space_server/files/bird/protocols.conf @@ -0,0 +1,15 @@ +protocol device { + scan time 10; +} + +protocol direct { +} + +protocol kernel { + metric 64; + learn; + persist; + scan time 20; + import all; + export all; +} diff --git a/roles/space_server/files/bird/symbol4.conf b/roles/space_server/files/bird/symbol4.conf new file mode 100644 index 0000000..80a8ed6 --- /dev/null +++ b/roles/space_server/files/bird/symbol4.conf @@ -0,0 +1,5 @@ +define DEFAULT_ROUTE = 0.0.0.0/0; + +define LABITAT_PREFIXES = [ + 185.38.175.0/24 +]; diff --git a/roles/space_server/files/bird/symbol6.conf b/roles/space_server/files/bird/symbol6.conf new file mode 100644 index 0000000..daed1b8 --- /dev/null +++ b/roles/space_server/files/bird/symbol6.conf @@ -0,0 +1,5 @@ +define DEFAULT_ROUTE = ::/0; + +define LABITAT_PREFIXES = [ + 2a01:4260:1ab::/48 +]; diff --git a/roles/space_server/files/bird/templates.conf b/roles/space_server/files/bird/templates.conf new file mode 100644 index 0000000..4334bd8 --- /dev/null +++ b/roles/space_server/files/bird/templates.conf @@ -0,0 +1,18 @@ +template bgp bgp_peer { + local as 205235; + import keep filtered; + import filter fallback_filter; + export filter fallback_filter; + import limit 1000 action block; + receive limit 1500 action disable; + export limit 100 action block; + hold time 60; +} + +template bgp bgp_transit from bgp_peer { + preference 100; + import limit off; + receive limit off; + import filter transit_import; + export filter transit_export; +} -- cgit v1.2.1