bird/filters/dn42.conf

89 lines
1.9 KiB
Text
Raw Permalink Normal View History

2020-04-20 04:42:25 +02:00
function is_dn42() {
return net ~ [
172.20.0.0/14{21,29},
172.20.0.0/24{28,32}, # Anycast
172.21.0.0/24{28,32}, # Anycast
172.22.0.0/24{28,32}, # Anycast
172.23.0.0/24{28,32}, # Anycast
fd00::/8{44,64}
];
}
2020-05-03 00:33:40 +02:00
function dn42_import_v4()
bool ok;
2020-04-20 04:42:25 +02:00
{
2020-05-03 00:33:40 +02:00
ok = true;
2020-04-20 04:42:25 +02:00
2020-08-22 02:36:36 +02:00
if bgp_path ~ [= * 4242421331 * =] then reject;
if is_mine_dn42() then
ok = false;
2020-04-20 04:42:25 +02:00
if ! is_dn42() then
2020-05-03 00:33:40 +02:00
ok = false;
if roa_check(roa_dn42_v4, net, bgp_path.last_nonaggregated) = ROA_VALID then
bgp_large_community.add(informational_rpki_valid);
else if roa_check(roa_dn42_v4, net, bgp_path.last_nonaggregated) = ROA_UNKNOWN then
bgp_large_community.add(informational_rpki_unknown);
else if roa_check(roa_dn42_v4, net, bgp_path.last_nonaggregated) = ROA_INVALID then {
2020-08-22 02:36:36 +02:00
print "Ignore ROA invalid ", net, " for ASN ", bgp_path.last, " from ", proto;
2020-05-03 00:33:40 +02:00
bgp_large_community.add(informational_rpki_invalid);
ok = false;
}
else
bgp_large_community.add(informational_rpki_not_checked);
return ok;
2020-04-20 04:42:25 +02:00
}
2020-05-03 00:33:40 +02:00
function dn42_import_v6()
bool ok;
2020-04-20 04:42:25 +02:00
{
2020-05-03 00:33:40 +02:00
ok = true;
2020-04-20 04:42:25 +02:00
2020-08-22 02:36:36 +02:00
if bgp_path ~ [= * 4242421331 * =] then reject;
if is_mine_dn42() then
ok = false;
2020-04-20 04:42:25 +02:00
if ! is_dn42() then
2020-05-03 00:33:40 +02:00
ok = false;
if roa_check(roa_dn42_v6, net, bgp_path.last_nonaggregated) = ROA_VALID then
bgp_large_community.add(informational_rpki_valid);
else if roa_check(roa_dn42_v6, net, bgp_path.last_nonaggregated) = ROA_UNKNOWN then
bgp_large_community.add(informational_rpki_unknown);
else if roa_check(roa_dn42_v6, net, bgp_path.last_nonaggregated) = ROA_INVALID then {
2020-08-22 02:36:36 +02:00
print "Ignore ROA invalid ", net, " for ASN ", bgp_path.last, " from ", proto;
2020-05-03 00:33:40 +02:00
bgp_large_community.add(informational_rpki_invalid);
ok = false;
}
else
bgp_large_community.add(informational_rpki_not_checked);
return ok;
2020-04-20 04:42:25 +02:00
}
2020-05-03 00:33:40 +02:00
function dn42_export_v4()
bool ok;
{
ok = true;
2020-08-22 02:36:36 +02:00
if ! is_dn42() then
2020-05-03 00:33:40 +02:00
ok = false;
2020-04-20 04:42:25 +02:00
2020-05-03 00:33:40 +02:00
return ok;
2020-04-20 04:42:25 +02:00
}
2020-05-03 00:33:40 +02:00
function dn42_export_v6()
bool ok;
{
ok = true;
2020-08-22 02:36:36 +02:00
if ! is_dn42() then
2020-05-03 00:33:40 +02:00
ok = false;
2020-04-20 04:42:25 +02:00
2020-05-03 00:33:40 +02:00
return ok;
2020-04-20 04:42:25 +02:00
}