Compare commits
No commits in common. "edgy" and "moon" have entirely different histories.
44 changed files with 139 additions and 1394 deletions
|
|
@ -1,7 +1,6 @@
|
|||
|
||||
log syslog all;
|
||||
|
||||
router id 172.23.156.14;
|
||||
router id 172.23.156.2;
|
||||
|
||||
timeformat base iso long;
|
||||
timeformat log iso long;
|
||||
|
|
@ -23,7 +22,6 @@ protocol device {
|
|||
protocol direct {
|
||||
ipv4;
|
||||
ipv6;
|
||||
|
||||
interface "virbr*", "wg-*", "sit-*", "idrac", "eno*", "tobi", "manu", "tun*";
|
||||
}
|
||||
|
||||
interface "bond0", "wg-*", "virbr*";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ define cymru_fullbogons = (65332, 888);
|
|||
# Well-known: https://www.iana.org/assignments/bgp-well-known-communities/bgp-well-known-communities.xhtml
|
||||
define wk_graceful_shutdown = (0xffff, 0x0000); # RFC8326
|
||||
define wk_accept_own = (0xffff, 0x0001); # RFC7611
|
||||
define wk_blackhole = (0xffff, 0x029a); # RFC7999
|
||||
define wk_blackhole = (0xffff, 0x029a); # RFC7999
|
||||
define wk_no_export = (0xffff, 0xff01); # RFC1997
|
||||
define wk_no_advertise = (0xffff, 0xff02); # RFC1997
|
||||
define wk_no_export_subconfed = (0xffff, 0xff03); # RFC1997
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
define my_ripe_asn = 207613;
|
||||
define my_dn42_asn = 4242422428;
|
||||
|
||||
define l66_gw_v4 = 141.98.136.129;
|
||||
define l66_gw_v6 = 2a09:11c0:f0:bbf0::1;
|
||||
|
|
|
|||
|
|
@ -1,12 +0,0 @@
|
|||
# Source: https://wiki.hamburg.ccc.de/ChaosVPN:IPRanges
|
||||
|
||||
function is_chaosvpn() {
|
||||
return net ~ [
|
||||
10.4.0.0/16+,
|
||||
10.32.0.0/16+,
|
||||
10.100.0.0/14+,
|
||||
10.104.0.0/14+,
|
||||
172.31.0.0/16+
|
||||
];
|
||||
}
|
||||
|
||||
|
|
@ -128,7 +128,7 @@ function is_martian_v4() {
|
|||
192.88.99.0/24+, # RFC3068: 6to4 Relay Anycast
|
||||
203.0.113.0/24+, # RFC5737: IPv4 Address Blocks Reserved for Documentation (TEST-NET-3)
|
||||
224.0.0.0/4+, # RFC5771: IPv4 Multicast
|
||||
240.0.0.0/4+, # RFC1112: Reserved for Future Use
|
||||
240.0.0.0/4+, # RFC1112: Reserved for Future Use
|
||||
255.255.255.255/32 # RFC0919: Limited Broadcast
|
||||
];
|
||||
}
|
||||
|
|
@ -227,3 +227,4 @@ function is_bogon_ebgp_v6() {
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,88 +0,0 @@
|
|||
function is_dn42() {
|
||||
return net ~ [
|
||||
172.20.0.0/14{21,29},
|
||||
172.20.0.0/24{28,32}, # Anycast
|
||||
172.21.0.0/24{28,32}, # Anycast
|
||||
172.22.0.0/24{28,32}, # Anycast
|
||||
172.23.0.0/24{28,32}, # Anycast
|
||||
fd00::/8{44,64}
|
||||
];
|
||||
}
|
||||
|
||||
function dn42_import_v4()
|
||||
bool ok;
|
||||
{
|
||||
ok = true;
|
||||
|
||||
if bgp_path ~ [= * 4242421331 * =] then reject;
|
||||
|
||||
if is_mine_dn42() then
|
||||
ok = false;
|
||||
|
||||
if ! is_dn42() then
|
||||
ok = false;
|
||||
|
||||
if roa_check(roa_dn42_v4, net, bgp_path.last_nonaggregated) = ROA_VALID then
|
||||
bgp_large_community.add(informational_rpki_valid);
|
||||
else if roa_check(roa_dn42_v4, net, bgp_path.last_nonaggregated) = ROA_UNKNOWN then
|
||||
bgp_large_community.add(informational_rpki_unknown);
|
||||
else if roa_check(roa_dn42_v4, net, bgp_path.last_nonaggregated) = ROA_INVALID then {
|
||||
print "Ignore ROA invalid ", net, " for ASN ", bgp_path.last, " from ", proto;
|
||||
bgp_large_community.add(informational_rpki_invalid);
|
||||
ok = false;
|
||||
}
|
||||
else
|
||||
bgp_large_community.add(informational_rpki_not_checked);
|
||||
|
||||
return ok;
|
||||
}
|
||||
|
||||
function dn42_import_v6()
|
||||
bool ok;
|
||||
{
|
||||
ok = true;
|
||||
|
||||
if bgp_path ~ [= * 4242421331 * =] then reject;
|
||||
|
||||
if is_mine_dn42() then
|
||||
ok = false;
|
||||
|
||||
if ! is_dn42() then
|
||||
ok = false;
|
||||
|
||||
if roa_check(roa_dn42_v6, net, bgp_path.last_nonaggregated) = ROA_VALID then
|
||||
bgp_large_community.add(informational_rpki_valid);
|
||||
else if roa_check(roa_dn42_v6, net, bgp_path.last_nonaggregated) = ROA_UNKNOWN then
|
||||
bgp_large_community.add(informational_rpki_unknown);
|
||||
else if roa_check(roa_dn42_v6, net, bgp_path.last_nonaggregated) = ROA_INVALID then {
|
||||
print "Ignore ROA invalid ", net, " for ASN ", bgp_path.last, " from ", proto;
|
||||
bgp_large_community.add(informational_rpki_invalid);
|
||||
ok = false;
|
||||
}
|
||||
else
|
||||
bgp_large_community.add(informational_rpki_not_checked);
|
||||
|
||||
return ok;
|
||||
}
|
||||
|
||||
function dn42_export_v4()
|
||||
bool ok;
|
||||
{
|
||||
ok = true;
|
||||
|
||||
if ! is_dn42() then
|
||||
ok = false;
|
||||
|
||||
return ok;
|
||||
}
|
||||
|
||||
function dn42_export_v6()
|
||||
bool ok;
|
||||
{
|
||||
ok = true;
|
||||
|
||||
if ! is_dn42() then
|
||||
ok = false;
|
||||
|
||||
return ok;
|
||||
}
|
||||
|
|
@ -55,8 +55,5 @@ function ebgp_export_v6()
|
|||
if ! is_mine_ripe() then
|
||||
ok = false;
|
||||
|
||||
if net = 2a09:11c0:202::/48 then
|
||||
ok = false;
|
||||
|
||||
return ok;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +0,0 @@
|
|||
function is_freifunk() {
|
||||
return net ~ [
|
||||
10.0.0.0/8{15,24}
|
||||
];
|
||||
}
|
||||
|
||||
|
|
@ -1,43 +1,28 @@
|
|||
function ibgp_export_v4()
|
||||
bool ok;
|
||||
{
|
||||
ok = true;
|
||||
filter ibgp_export_v4 {
|
||||
if net.len = 32 then
|
||||
reject;
|
||||
|
||||
if net.len = 32 then
|
||||
ok = false;
|
||||
|
||||
return ok;
|
||||
accept;
|
||||
}
|
||||
|
||||
function ibgp_export_v6()
|
||||
bool ok;
|
||||
{
|
||||
ok = true;
|
||||
|
||||
filter ibgp_export_v6 {
|
||||
if net.len = 128 then
|
||||
ok = false;
|
||||
reject;
|
||||
|
||||
return ok;
|
||||
accept;
|
||||
}
|
||||
|
||||
function ibgp_import_v4()
|
||||
bool ok;
|
||||
{
|
||||
ok = true;
|
||||
filter ibgp_import_v4 {
|
||||
# if net = 0.0.0.0/0 then
|
||||
# reject;
|
||||
|
||||
if net = 0.0.0.0/0 then
|
||||
ok = false;
|
||||
|
||||
return ok;
|
||||
accept;
|
||||
}
|
||||
|
||||
function ibgp_import_v6()
|
||||
bool ok;
|
||||
{
|
||||
ok = true;
|
||||
filter ibgp_import_v6 {
|
||||
# if net = 0::/0 then
|
||||
# reject;
|
||||
|
||||
if net = ::/0 then
|
||||
ok = false;
|
||||
|
||||
return ok;
|
||||
accept;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -9,3 +9,4 @@ function is_idfx() {
|
|||
2a09:11c0:20f:100::/56{56,64}
|
||||
];
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +0,0 @@
|
|||
# https://noc-portal.rz.rwth-aachen.de/networks-view/
|
||||
function is_rwth() {
|
||||
return net ~ [
|
||||
134.61.0.0/16+,
|
||||
134.130.0.0/16+,
|
||||
137.226.0.0/16+,
|
||||
192.35.229.0/24+,
|
||||
194.35.108.0/22+,
|
||||
2a00:8a60::/29+
|
||||
];
|
||||
}
|
||||
|
||||
|
|
@ -1 +0,0 @@
|
|||
Subproject commit 898eb449091db4029f1bf3ab6bb478a0f3cf4b4d
|
||||
|
|
@ -1,66 +0,0 @@
|
|||
template bgp ixp_ch_v4 from ebgp_peer_v4 {
|
||||
local 185.1.125.152;
|
||||
neighbor as 35708;
|
||||
|
||||
ipv4 {
|
||||
export filter {
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
|
||||
if ebgp_export_v4() then
|
||||
accept;
|
||||
else
|
||||
reject;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
template bgp ixp_ch_v6 from ebgp_peer_v6 {
|
||||
local 2001:7f8:d0:b901::7d98;
|
||||
neighbor as 35708;
|
||||
|
||||
ipv6 {
|
||||
export filter {
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
|
||||
if ebgp_export_v6() then
|
||||
accept;
|
||||
else
|
||||
reject;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp ixp_ch_rs1_v4 from ixp_ch_v4 {
|
||||
description "4IXP Zürich: RS1 (v4)";
|
||||
|
||||
neighbor 185.1.125.1;
|
||||
}
|
||||
|
||||
protocol bgp ixp_ch_rs2_v4 from ixp_ch_v4 {
|
||||
description "4IXP Zürich: RS1 24)";
|
||||
|
||||
neighbor 185.1.125.2;
|
||||
}
|
||||
|
||||
protocol bgp ixp_ch_rs1_v6 from ixp_ch_v6 {
|
||||
description "4IXP Zürich: RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8:d0:b901::7d01;
|
||||
}
|
||||
|
||||
protocol bgp ixp_ch_rs2_v6 from ixp_ch_v6 {
|
||||
description "4IXP Zürich: RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8:d0:b901::7d02;
|
||||
}
|
||||
|
||||
# Peering
|
||||
protocol bgp ixp_ch_4b42_v6 from ixp_ch_v6 {
|
||||
description "4IXP Zürich: 4b42 (v6)";
|
||||
|
||||
neighbor 2001:7f8:d0:b901::7dfe as 60474;
|
||||
}
|
||||
|
|
@ -1,8 +1,6 @@
|
|||
protocol bfd bfd1 {
|
||||
|
||||
interface "wg-*" {
|
||||
interval 100ms;
|
||||
authentication simple;
|
||||
password pw_bfd;
|
||||
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,68 +0,0 @@
|
|||
ipv4 table cymru_v4;
|
||||
ipv6 table cymru_v6;
|
||||
|
||||
filter cymru_bogons_import {
|
||||
bgp_community.add((65332,888));
|
||||
bgp_community.add(wk_no_export);
|
||||
|
||||
dest = RTD_BLACKHOLE;
|
||||
accept;
|
||||
}
|
||||
|
||||
template bgp cymru {
|
||||
local as my_ripe_asn;
|
||||
neighbor as 65332;
|
||||
|
||||
multihop 255;
|
||||
password pw_cymru;
|
||||
}
|
||||
|
||||
template bgp cymru_v4_tmpl from cymru {
|
||||
local 31.47.232.66;
|
||||
|
||||
ipv4 {
|
||||
table cymru_v4;
|
||||
|
||||
import filter cymru_bogons_import;
|
||||
export none;
|
||||
};
|
||||
}
|
||||
|
||||
template bgp cymru_v6_tmpl from cymru {
|
||||
local 2a09:11c0:200::1:1;
|
||||
|
||||
ipv6 {
|
||||
table cymru_v6;
|
||||
|
||||
import filter cymru_bogons_import;
|
||||
export none;
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp cymru_v4_1 from cymru_v4_tmpl {
|
||||
description "Cymru Bogons S1 (v4)";
|
||||
|
||||
neighbor 38.229.6.20;
|
||||
|
||||
disabled yes;
|
||||
}
|
||||
|
||||
protocol bgp cymru_v4_2 from cymru_v4_tmpl {
|
||||
description "Cymru Bogons S2 (v4)";
|
||||
|
||||
neighbor 38.229.46.20;
|
||||
|
||||
disabled yes;
|
||||
}
|
||||
|
||||
protocol bgp cymru_v6_1 from cymru_v6_tmpl {
|
||||
description "Cymru Bogons S1 (v6)";
|
||||
|
||||
neighbor 2620:0:6B0:FF00::20;
|
||||
}
|
||||
|
||||
protocol bgp cymru_v6_2 from cymru_v6_tmpl {
|
||||
description "Cymru Bogons S2 (v6)";
|
||||
|
||||
neighbor 2620:0:6B0:8000::20;
|
||||
}
|
||||
|
|
@ -1,398 +0,0 @@
|
|||
template bgp decix_v4 from ebgp_peer_v4 {
|
||||
ipv4 {
|
||||
preference 120;
|
||||
};
|
||||
}
|
||||
|
||||
template bgp decix_v6 from ebgp_peer_v6 {
|
||||
ipv6 {
|
||||
import limit 50000;
|
||||
|
||||
preference 120;
|
||||
};
|
||||
}
|
||||
|
||||
### IPv4
|
||||
template bgp decix_fra_v4 from decix_v4 {
|
||||
neighbor as 6695;
|
||||
|
||||
local 80.81.196.155;
|
||||
}
|
||||
|
||||
template bgp decix_dus_v4 from decix_v4 {
|
||||
neighbor as 56890;
|
||||
|
||||
local 185.1.170.221;
|
||||
}
|
||||
|
||||
template bgp decix_ham_v4 from decix_v4 {
|
||||
neighbor as 43252;
|
||||
|
||||
local 80.81.203.195;
|
||||
}
|
||||
|
||||
template bgp decix_muc_v4 from decix_v4 {
|
||||
neighbor as 47228;
|
||||
|
||||
local 80.81.202.202;
|
||||
}
|
||||
|
||||
### IPv6
|
||||
template bgp decix_fra_v6 from decix_v6 {
|
||||
local 2001:7f8::3:2afd:0:1;
|
||||
neighbor as 6695;
|
||||
|
||||
ipv6 {
|
||||
preference 140;
|
||||
};
|
||||
}
|
||||
|
||||
template bgp decix_dus_v6 from decix_v6 {
|
||||
local 2001:7f8:9e:0:3:2afd:0:1;
|
||||
neighbor as 56890;
|
||||
}
|
||||
|
||||
template bgp decix_ham_v6 from decix_v6 {
|
||||
local 2001:7f8:3d:0:3:2afd:0:1;
|
||||
neighbor as 43252;
|
||||
}
|
||||
|
||||
template bgp decix_muc_v6 from decix_v6 {
|
||||
local 2001:7f8:44:0:3:2afd:0:1;
|
||||
neighbor as 47228;
|
||||
}
|
||||
|
||||
# Frankfurt
|
||||
protocol bgp decix_fra_rs1_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankfurt: RS1 (v4)";
|
||||
|
||||
neighbor 80.81.192.157;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_rs1_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankfurt: RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8::1a27:5051:c09d;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_rs2_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankfurt: RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8::1a27:5051:c19d;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_bh_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankfurt: Blackholing (v6)";
|
||||
|
||||
neighbor 2001:7f8::1a27:5051:c09e;
|
||||
|
||||
ipv6 {
|
||||
table ebgp_v6_bh;
|
||||
};
|
||||
}
|
||||
|
||||
# Hamburg
|
||||
protocol bgp decix_ham_rs1_v4 from decix_ham_v4 {
|
||||
description "DE-CIX Hamburg: RS1 (v4)";
|
||||
|
||||
neighbor 80.81.203.252;
|
||||
}
|
||||
|
||||
protocol bgp decix_ham_rs2_v4 from decix_ham_v4 {
|
||||
description "DE-CIX Hamburg: RS2 (v4)";
|
||||
|
||||
neighbor 80.81.203.253;
|
||||
}
|
||||
|
||||
protocol bgp decix_ham_rs1_v6 from decix_ham_v6 {
|
||||
description "DE-CIX Hamburg: RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8:3d::a8f4:0:1;
|
||||
}
|
||||
|
||||
protocol bgp decix_ham_rs2_v6 from decix_ham_v6 {
|
||||
description "DE-CIX Hamburg: RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8:3d::a8f4:0:2;
|
||||
}
|
||||
|
||||
# Düsseldorf
|
||||
protocol bgp decix_dus_rs1_v4 from decix_dus_v4 {
|
||||
description "DE-CIX Düsseldorf: RS1 (v4)";
|
||||
|
||||
neighbor 185.1.170.252;
|
||||
}
|
||||
|
||||
protocol bgp decix_dus_rs2_v4 from decix_dus_v4 {
|
||||
description "DE-CIX Düsseldorf: RS2 (v4)";
|
||||
|
||||
neighbor 185.1.171.252;
|
||||
}
|
||||
|
||||
protocol bgp decix_dus_rs1_v6 from decix_dus_v6 {
|
||||
description "DE-CIX Düsseldorf: RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8:9e::de3a:fc:1;
|
||||
}
|
||||
|
||||
protocol bgp decix_dus_rs2_v6 from decix_dus_v6 {
|
||||
description "DE-CIX Düsseldorf: RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8:9e::de3a:fd:1;
|
||||
}
|
||||
|
||||
# München
|
||||
protocol bgp decix_muc_rs1_v4 from decix_muc_v4 {
|
||||
description "DE-CIX München: RS1 (v4)";
|
||||
|
||||
neighbor 80.81.202.252;
|
||||
}
|
||||
|
||||
protocol bgp decix_muc_rs2_v4 from decix_muc_v4 {
|
||||
description "DE-CIX München: RS2 (v4)";
|
||||
|
||||
neighbor 80.81.202.253;
|
||||
}
|
||||
|
||||
protocol bgp decix_muc_rs1_v6 from decix_muc_v6 {
|
||||
description "DE-CIX München: RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8:44::b87c:0:1;
|
||||
}
|
||||
|
||||
protocol bgp decix_muc_rs2_v6 from decix_muc_v6 {
|
||||
description "DE-CIX München: RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8:44::b87c:0:2;
|
||||
}
|
||||
|
||||
#
|
||||
# Public Peerings
|
||||
|
||||
# HE
|
||||
protocol bgp decix_fra_he_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankfurt: Hurricane Electric (v6)";
|
||||
|
||||
neighbor 2001:7f8::1b1b:0:1 as 6939;
|
||||
}
|
||||
|
||||
# Facebook
|
||||
protocol bgp decix_muc_facebook_rs1_v6 from decix_muc_v6 {
|
||||
description "DE-CIX Mün: Facebook RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8:44::80a6:0:1 as 32934;
|
||||
}
|
||||
|
||||
protocol bgp decix_muc_facebook_rs2_v6 from decix_muc_v6 {
|
||||
description "DE-CIX München: Facebook: RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8:44::80a6:0:2 as 32934;
|
||||
}
|
||||
|
||||
# Asympto
|
||||
protocol bgp decix_fra_asympto_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankfurt: Asympto (v4)";
|
||||
|
||||
neighbor 80.81.196.144 as 39533;
|
||||
|
||||
ipv4 {
|
||||
import limit 100000;
|
||||
|
||||
export filter {
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
|
||||
if ebgp_export_v4() then
|
||||
accept;
|
||||
else
|
||||
reject;
|
||||
};
|
||||
|
||||
preference 80;
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_asympto_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankfurt: Asympto (v6)";
|
||||
|
||||
neighbor 2001:7f8::9a6d:0:2 as 39533;
|
||||
|
||||
ipv6 {
|
||||
import limit 100000;
|
||||
|
||||
export filter {
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
|
||||
if ebgp_export_v6() then
|
||||
accept;
|
||||
else
|
||||
reject;
|
||||
};
|
||||
|
||||
preference 80;
|
||||
};
|
||||
}
|
||||
|
||||
# Cloudflare
|
||||
protocol bgp decix_fra_cloudflare_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankurt: Cloudflare (v4)";
|
||||
|
||||
neighbor 80.81.194.180 as 13335;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_cloudflare_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankurt: Cloudflare (v6)";
|
||||
|
||||
neighbor 2001:7f8::3417:0:1 as 13335;
|
||||
}
|
||||
|
||||
# Akamai
|
||||
protocol bgp decix_fra_akamai_rs1_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankurt: Akamai RS1 (v4)";
|
||||
|
||||
neighbor 80.81.192.28 as 20940;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_akamai_rs2_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankurt: Akamai RS2 (v4)";
|
||||
|
||||
neighbor 80.81.192.168 as 20940;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_akamai_rs3_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankurt: Akamai RS3 (v4)";
|
||||
|
||||
neighbor 80.81.195.168 as 20940;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_akamai_rs1_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankurt: Akamai RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8::51cc:0:28 as 20940;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_akamai_rs2_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankurt: Akamai RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8::51cc:0:168 as 20940;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_akamai_rs3_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankurt: Akamai RS3 (v6)";
|
||||
|
||||
neighbor 2001:7f8::51cc:1:168 as 20940;
|
||||
}
|
||||
|
||||
# Apple
|
||||
protocol bgp decix_fra_apple_rs1_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankurt: Apple RS1 (v4)";
|
||||
|
||||
neighbor 80.81.193.202 as 714;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_apple_rs2_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankurt: Apple RS2 (v4)";
|
||||
|
||||
neighbor 80.81.193.223 as 714;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_apple_rs3_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankurt: Apple RS3 (v4)";
|
||||
|
||||
neighbor 80.81.194.171 as 714;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_apple_rs4_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankurt: Apple RS4 (v4)";
|
||||
|
||||
neighbor 80.81.194.161 as 714;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_apple_rs1_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankurt: Apple RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8::2ca:0:1 as 714;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_apple_rs2_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankurt: Apple RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8::2ca:0:2 as 714;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_apple_rs3_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankurt: Apple RS3 (v6)";
|
||||
|
||||
neighbor 2001:7f8::2ca:0:3 as 714;
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_apple_rs4_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankurt: Apple RS4 (v6)";
|
||||
|
||||
neighbor 2001:7f8::2ca:0:4 as 714;
|
||||
}
|
||||
|
||||
# DFN Frankfurt
|
||||
protocol bgp decix_fra_dfn_rs1_v4 from decix_fra_v4 {
|
||||
description "DE-CIX Frankurt: DFN RS1 (v4)";
|
||||
|
||||
neighbor 80.81.192.222 as 680;
|
||||
|
||||
ipv4 {
|
||||
import limit 800;
|
||||
};
|
||||
|
||||
password "the3eeNu";
|
||||
}
|
||||
|
||||
protocol bgp decix_fra_dfn_rs1_v6 from decix_fra_v6 {
|
||||
description "DE-CIX Frankurt: DFN RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8::2a8:0:1 as 680;
|
||||
|
||||
ipv6 {
|
||||
import limit 100;
|
||||
};
|
||||
|
||||
password "the3eeNu";
|
||||
}
|
||||
|
||||
# DFN Hamburg
|
||||
template bgp decix_ham_dfn_v4 from decix_ham_v4 {
|
||||
|
||||
ipv4 {
|
||||
import limit 800;
|
||||
};
|
||||
|
||||
password "the3eeNu";
|
||||
|
||||
neighbor as 680;
|
||||
}
|
||||
|
||||
template bgp decix_ham_dfn_v6 from decix_ham_v6 {
|
||||
|
||||
ipv6 {
|
||||
import limit 100;
|
||||
};
|
||||
|
||||
password "the3eeNu";
|
||||
|
||||
neighbor as 680;
|
||||
}
|
||||
|
||||
protocol bgp decix_ham_dfn_rs1_v4 from decix_ham_dfn_v4 {
|
||||
description "DE-CIX Hamburg: DFN RS1 (v4)";
|
||||
|
||||
neighbor 80.81.203.118;
|
||||
}
|
||||
|
||||
protocol bgp decix_ham_dfn_rs1_v6 from decix_ham_dfn_v6 {
|
||||
description "DE-CIX Hamburg: DFN RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8:3d::2a8:0:1;
|
||||
}
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
protocol static static_roa_dn42_v4 {
|
||||
roa4 {
|
||||
table roa_dn42_v4;
|
||||
};
|
||||
|
||||
include "/var/lib/bird/bird_roa_dn42_v4.conf";
|
||||
}
|
||||
|
||||
protocol static static_roa_dn42_v6 {
|
||||
roa6 {
|
||||
table roa_dn42_v6;
|
||||
};
|
||||
|
||||
include "/var/lib/bird/bird_roa_dn42_v6.conf";
|
||||
}
|
||||
|
||||
include "/etc/bird/protocols/dn42/*.conf";
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
protocol bgp dn42_burble from dn42_peer_v46 {
|
||||
description "dn42: burble";
|
||||
|
||||
local fd42:4dd0:ff00::3;
|
||||
neighbor fd42:4242:2601:23::1 as 4242422601;
|
||||
}
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
protocol bgp dn42_doxz_v4 from dn42_peer_v4 {
|
||||
description "dn42: doxz (v4)";
|
||||
|
||||
interface "wg-doxz";
|
||||
|
||||
local 172.23.156.66;
|
||||
neighbor 172.22.159.62 as 4242422904;
|
||||
}
|
||||
|
||||
protocol bgp dn42_doxz_v6 from dn42_peer_v6 {
|
||||
description "dn42: doxz (v6)";
|
||||
|
||||
interface "wg-doxz";
|
||||
|
||||
local fd42:4dd0:ff00::1;
|
||||
neighbor fdfc:694e:234f::1 as 4242422904;
|
||||
}
|
||||
|
|
@ -1,81 +0,0 @@
|
|||
ipv4 table dn42_grc_v4;
|
||||
ipv6 table dn42_grc_v6;
|
||||
|
||||
protocol bgp dn42_grc_export {
|
||||
disabled yes;
|
||||
|
||||
description "dn42: Global Route Collector Export (burble)";
|
||||
local fd42:4dd0:ff00::1 as my_dn42_asn;
|
||||
neighbor fd42:4242:2601:ac12::1 as 4242422602;
|
||||
|
||||
multihop;
|
||||
|
||||
ipv4 {
|
||||
add paths tx;
|
||||
|
||||
table dn42_v4;
|
||||
|
||||
export all;
|
||||
import none;
|
||||
};
|
||||
|
||||
ipv6 {
|
||||
add paths tx;
|
||||
|
||||
table dn42_v6;
|
||||
|
||||
export all;
|
||||
import none;
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp dn42_grc_import {
|
||||
disabled yes;
|
||||
|
||||
description "dn42: Global Route Collector Import (burble)";
|
||||
|
||||
local fd42:4dd0:ff00::1:1 as my_dn42_asn;
|
||||
neighbor fd42:4242:2601:ac12::1 as 4242422602;
|
||||
|
||||
mrtdump all;
|
||||
multihop;
|
||||
|
||||
ipv4 {
|
||||
add paths rx;
|
||||
table dn42_grc_v4;
|
||||
|
||||
export none;
|
||||
import all;
|
||||
};
|
||||
|
||||
ipv6 {
|
||||
add paths rx;
|
||||
table dn42_grc_v6;
|
||||
|
||||
export none;
|
||||
import all;
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp dn42_grc_peer {
|
||||
description "dn42: Global Route Collector Peer";
|
||||
|
||||
local 2a09:11c0:200::14 as my_dn42_asn;
|
||||
neighbor range 2a09:11c0:200::/48 internal;
|
||||
|
||||
ipv4 {
|
||||
add paths tx;
|
||||
table dn42_grc_v4;
|
||||
|
||||
export all;
|
||||
import none;
|
||||
};
|
||||
|
||||
ipv6 {
|
||||
add paths tx;
|
||||
table dn42_grc_v6;
|
||||
|
||||
export all;
|
||||
import none;
|
||||
};
|
||||
}
|
||||
|
|
@ -1 +0,0 @@
|
|||
#mrtdump "/mnt/mrt/bird/msgs_dn42_grc_2020-05-08.mrt";
|
||||
|
|
@ -1,18 +0,0 @@
|
|||
template bgp dn42_idfx from dn42_peer_v46 {
|
||||
neighbor port 1179 as 4242422345;
|
||||
local port 1179;
|
||||
}
|
||||
|
||||
protocol bgp dn42_idfx_derhr1 from dn42_idfx {
|
||||
description "dn42: idfx-derhr1";
|
||||
|
||||
local fd42:4dd0:ff00::4;
|
||||
neighbor fdb0:4339:ffff::106;
|
||||
}
|
||||
|
||||
protocol bgp dn42_idfx_uslxa1 from dn42_idfx {
|
||||
description "dn42: idfx-uslxa1";
|
||||
|
||||
local fd42:4dd0:ff00::5;
|
||||
neighbor fdb0:4339:ffff::108;
|
||||
}
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
protocol bgp dn42_kioubit_v4 from dn42_peer_v4 {
|
||||
description "dn42: kioubit (v4)";
|
||||
|
||||
interface "wg-kioubit";
|
||||
|
||||
local 172.23.156.71;
|
||||
neighbor 172.20.53.97 as 4242423914;
|
||||
}
|
||||
|
||||
protocol bgp dn42_kioubit_v6 from dn42_peer_v6 {
|
||||
description "dn42: kioubit (v6)";
|
||||
|
||||
interface "wg-kioubit";
|
||||
|
||||
local fe80::1337;
|
||||
neighbor fe80::ade0 as 4242423914;
|
||||
}
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
protocol bgp dn42_tbspace_v4 from dn42_peer_v4 {
|
||||
description "dn42: tbspace (v4)";
|
||||
|
||||
interface "wg-tbspace";
|
||||
|
||||
local 172.23.156.65;
|
||||
neighbor 172.23.235.1 as 76190;
|
||||
}
|
||||
|
||||
protocol bgp dn42_tbspace_v6 from dn42_peer_v6 {
|
||||
description "dn42: tbspace (v6)";
|
||||
|
||||
interface "wg-tbspace";
|
||||
|
||||
local fe80::1337;
|
||||
neighbor fe80::1299:e as 76190;
|
||||
}
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
template bgp evix_v6 from ebgp_peer_v6 {
|
||||
local 2602:fed2:fff:ffff::233;
|
||||
}
|
||||
|
||||
protocol bgp evix_rs1_v6 from evix_v6 {
|
||||
description "EVIX Amsterdam: RS1 (v6)";
|
||||
|
||||
neighbor 2602:fed2:fff:ffff::1 as 137933;
|
||||
}
|
||||
|
||||
protocol bgp evix_rs2_v6 from evix_v6 {
|
||||
description "EVIX Amsterdam: RS2 (v6)";
|
||||
|
||||
neighbor 2602:fed2:fff:ffff::253 as 209762;
|
||||
}
|
||||
|
|
@ -1,26 +1,63 @@
|
|||
protocol bgp moon from rr_clients {
|
||||
description "iBGP: moon.0l.de";
|
||||
template bgp rr_clients {
|
||||
local as my_ripe_asn;
|
||||
neighbor as my_ripe_asn;
|
||||
|
||||
local 2a09:11c0:200::14;
|
||||
neighbor 2a09:11c0:200::2;
|
||||
rr client;
|
||||
rr cluster id 172.23.156.2;
|
||||
|
||||
bfd yes;
|
||||
direct;
|
||||
|
||||
ipv4 {
|
||||
import keep filtered;
|
||||
import filter ibgp_import_v4;
|
||||
export filter ibgp_export_v4;
|
||||
next hop self;
|
||||
};
|
||||
|
||||
ipv6 {
|
||||
import keep filtered;
|
||||
import filter ibgp_import_v6;
|
||||
export filter ibgp_export_v6;
|
||||
next hop self;
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp k8s_1_v4 from rr_clients {
|
||||
description "iBGP: k8s-1.lian.vms.0l.de";
|
||||
|
||||
local 172.23.156.2;
|
||||
neighbor 172.23.156.120;
|
||||
|
||||
ipv4 {
|
||||
export none;
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp k8s_1_v6 from rr_clients {
|
||||
description "iBGP: k8s-1.lian.vms.0l.de";
|
||||
|
||||
local 2a09:11c0:200::2;
|
||||
neighbor 2a09:11c0:200:100:4cd2:28f8:e1b:9b22;
|
||||
|
||||
ipv6 {
|
||||
export none;
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp rpi from rr_clients {
|
||||
description "iBGP: rpi.home.0l.de";
|
||||
|
||||
local 2a09:11c0:200::14;
|
||||
local 2a09:11c0:200::2;
|
||||
neighbor 2a09:11c0:200::3;
|
||||
|
||||
bfd yes;
|
||||
}
|
||||
|
||||
protocol bgp acs from rr_clients {
|
||||
description "iBGP: acs.0l.de";
|
||||
protocol bgp edgy from rr_clients {
|
||||
description "iBGP: edgy.0l.de";
|
||||
|
||||
local 2a09:11c0:200::7;
|
||||
neighbor 2a09:11c0:200::6;
|
||||
local 2a09:11c0:200::2;
|
||||
neighbor 2a09:11c0:200::14;
|
||||
|
||||
bfd yes;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ template bgp idfx {
|
|||
ipv4 {
|
||||
import keep filtered;
|
||||
import where is_idfx();
|
||||
|
||||
|
||||
export filter {
|
||||
if !is_mine() then
|
||||
reject;
|
||||
|
|
@ -14,12 +14,16 @@ template bgp idfx {
|
|||
|
||||
accept;
|
||||
};
|
||||
|
||||
next hop self yes;
|
||||
};
|
||||
|
||||
ipv6 {
|
||||
import keep filtered;
|
||||
import where is_idfx();
|
||||
export where is_mine();
|
||||
|
||||
next hop self yes;
|
||||
};
|
||||
|
||||
allow bgp_local_pref yes;
|
||||
|
|
@ -28,13 +32,6 @@ template bgp idfx {
|
|||
protocol bgp idfx_derhr1 from idfx {
|
||||
description "iBGP: idfx-derhr1";
|
||||
|
||||
local fd42:4dd0:ff00::4;
|
||||
local fd42:4dd0:ff00::6;
|
||||
neighbor fdb0:4339:ffff::106 as 4243390106;
|
||||
}
|
||||
|
||||
protocol bgp idfx_uslxa1 from idfx {
|
||||
description "iBGP: idfx-uslxa1";
|
||||
|
||||
local fd42:4dd0:ff00::5;
|
||||
neighbor fdb0:4339:ffff::108 as 4243390108;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,25 +0,0 @@
|
|||
protocol bgp k8s_0_v4 from rr_clients {
|
||||
description "iBGP: k8s-0.edgy.vms.0l.de";
|
||||
|
||||
local 172.23.156.14;
|
||||
neighbor 172.23.156.183;
|
||||
|
||||
ipv4 {
|
||||
export none;
|
||||
|
||||
aigp originate;
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp k8s_0_v6 from rr_clients {
|
||||
description "iBGP: k8s-0.edgy.vms.0l.de";
|
||||
|
||||
local 2a09:11c0:200::14;
|
||||
neighbor 2a09:11c0:200:101:5054:ff:fe3e:5017;
|
||||
|
||||
ipv6 {
|
||||
export none;
|
||||
|
||||
aigp originate;
|
||||
};
|
||||
}
|
||||
|
|
@ -1,65 +1,28 @@
|
|||
protocol kernel kernel_v4 {
|
||||
protocol kernel {
|
||||
ipv4 {
|
||||
import none;
|
||||
export where source != RTS_DEVICE && net.len > 0 && dest != RTD_UNREACHABLE;
|
||||
import all;
|
||||
export filter {
|
||||
if proto ~ "direct*" then reject;
|
||||
|
||||
accept;
|
||||
};
|
||||
};
|
||||
|
||||
metric 0;
|
||||
learn;
|
||||
}
|
||||
|
||||
protocol kernel kernel_v6 {
|
||||
protocol kernel {
|
||||
ipv6 {
|
||||
import none;
|
||||
export where source != RTS_DEVICE && net.len > 0 && dest != RTD_UNREACHABLE;
|
||||
import all;
|
||||
export filter {
|
||||
if proto ~ "direct*" then reject;
|
||||
|
||||
accept;
|
||||
};
|
||||
};
|
||||
|
||||
metric 0;
|
||||
learn;
|
||||
}
|
||||
|
||||
protocol kernel kernel_dn42_v4 {
|
||||
kernel table krt_dn42;
|
||||
|
||||
ipv4 {
|
||||
table dn42_v4;
|
||||
|
||||
import none;
|
||||
export all;
|
||||
};
|
||||
}
|
||||
|
||||
protocol kernel kernel_dn42_v6 {
|
||||
kernel table krt_dn42;
|
||||
|
||||
ipv6 {
|
||||
table dn42_v6;
|
||||
|
||||
import none;
|
||||
export all;
|
||||
};
|
||||
}
|
||||
|
||||
protocol kernel kernel_ebgp_v6 {
|
||||
kernel table krt_ebgp;
|
||||
|
||||
ipv6 {
|
||||
table ebgp_v6;
|
||||
|
||||
export where source != RTS_DEVICE;
|
||||
import none;
|
||||
};
|
||||
|
||||
metric 0;
|
||||
}
|
||||
|
||||
protocol kernel kernel_ebgp_v4 {
|
||||
kernel table krt_ebgp;
|
||||
|
||||
ipv4 {
|
||||
table ebgp_v4;
|
||||
|
||||
export where source != RTS_DEVICE;
|
||||
import none;
|
||||
};
|
||||
|
||||
metric 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,77 +0,0 @@
|
|||
template bgp kleyrex_fra_v4 from ebgp_peer_v4 {
|
||||
local 193.189.83.14;
|
||||
neighbor as 31142;
|
||||
|
||||
ipv4 {
|
||||
preference 120;
|
||||
};
|
||||
|
||||
graceful restart on;
|
||||
}
|
||||
|
||||
template bgp kleyrex_fra_v6 from ebgp_peer_v6 {
|
||||
local 2001:7f8:33::A120:7613:1;
|
||||
neighbor as 31142;
|
||||
|
||||
ipv6 {
|
||||
preference 120;
|
||||
};
|
||||
|
||||
graceful restart on;
|
||||
}
|
||||
|
||||
protocol bgp kleyrex_fra_rs1_v6 from kleyrex_fra_v6 {
|
||||
description "KleyRex Frankfurt: RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8:33::a103:1142:1;
|
||||
}
|
||||
|
||||
protocol bgp kleyrex_fra_rs2_v6 from kleyrex_fra_v6 {
|
||||
description "KleyRex Frankfurt: RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8:33::a103:1142:2;
|
||||
}
|
||||
|
||||
protocol bgp kleyrex_fra_rs3_v6 from kleyrex_fra_v6 {
|
||||
description "KleyRex Frankfurt: RS3 (v6)";
|
||||
|
||||
neighbor 2001:7f8:33::a103:1142:3;
|
||||
}
|
||||
|
||||
# Public Peerings
|
||||
#
|
||||
|
||||
# 4b42
|
||||
protocol bgp kleyrex_fra_4b42_v4 from kleyrex_fra_v4 {
|
||||
description "KleyRex Frankfurt: 4b42 (v4)";
|
||||
|
||||
ipv4 {
|
||||
preference 50;
|
||||
};
|
||||
|
||||
neighbor 193.189.82.80 as 60474;
|
||||
}
|
||||
|
||||
protocol bgp kleyrex_fra_4b42_v6 from kleyrex_fra_v6 {
|
||||
description "KleyRex Frankfurt: 4b42 (v6)";
|
||||
|
||||
ipv6 {
|
||||
preference 50;
|
||||
};
|
||||
|
||||
neighbor 2001:7f8:33::a106:474:1 as 60474;
|
||||
}
|
||||
|
||||
# VNP Digital
|
||||
protocol bgp kleyrex_fra_vnp_v4 from kleyrex_fra_v4 {
|
||||
description "KleyRex Frankfurt: VNP Digital (v4)";
|
||||
|
||||
neighbor 193.189.82.10 as 208976;
|
||||
}
|
||||
|
||||
protocol bgp kleyrex_fra_vnp_v6 from kleyrex_fra_v6 {
|
||||
description "KleyRex Frankfurt: VNP Digital (v6)";
|
||||
|
||||
neighbor 2001:7f8:33::A120:8976:1 as 208976;
|
||||
}
|
||||
|
||||
27
protocols/level66.conf
Normal file
27
protocols/level66.conf
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
protocol bgp level66_rs1_v4 from ebgp_peer_v4 {
|
||||
description "level66.network RS1 (v4)";
|
||||
|
||||
local 141.98.136.131;
|
||||
neighbor 141.98.136.129 as 209844;
|
||||
}
|
||||
|
||||
protocol bgp level66_rs1_v6 from ebgp_peer_v6 {
|
||||
description "level66.network RS1 (v6)";
|
||||
|
||||
local 2a09:11c0:f0:bbf0::3;
|
||||
neighbor 2a09:11c0:f0:bbf0::1 as 209844;
|
||||
}
|
||||
|
||||
protocol bgp level66_rs2_v4 from ebgp_peer_v4 {
|
||||
description "level66.network RS2 (v4)";
|
||||
|
||||
local 141.98.136.131;
|
||||
neighbor 141.98.136.130 as 209844;
|
||||
}
|
||||
|
||||
protocol bgp level66_rs2_v6 from ebgp_peer_v6 {
|
||||
description "level66.network RS2 (v6)";
|
||||
|
||||
local 2a09:11c0:f0:bbf0::3;
|
||||
neighbor 2a09:11c0:f0:bbf0::2 as 209844;
|
||||
}
|
||||
|
|
@ -1,80 +0,0 @@
|
|||
template bgp locix_fra_v4 from ebgp_peer_v4 {
|
||||
local 185.1.166.174;
|
||||
neighbor as 202409;
|
||||
|
||||
ipv4 {
|
||||
preference 110;
|
||||
};
|
||||
|
||||
graceful restart on;
|
||||
}
|
||||
|
||||
template bgp locix_fra_v6 from ebgp_peer_v6 {
|
||||
local 2001:7f8:f2:e1:0:a520:7613:1;
|
||||
neighbor as 202409;
|
||||
|
||||
ipv6 {
|
||||
preference 110;
|
||||
};
|
||||
|
||||
graceful restart on;
|
||||
}
|
||||
|
||||
protocol bgp locix_fra_rs1_v6 from locix_fra_v6 {
|
||||
description "LocIX Frankfurt: RS1 (v6)";
|
||||
|
||||
neighbor 2001:7f8:f2:e1::babe:1;
|
||||
}
|
||||
|
||||
protocol bgp locix_fra_rs2_v6 from locix_fra_v6 {
|
||||
description "LocIX Frankfurt: RS2 (v6)";
|
||||
|
||||
neighbor 2001:7f8:f2:e1::dead:1;
|
||||
}
|
||||
|
||||
protocol bgp locix_fra_rs3_v6 from locix_fra_v6 {
|
||||
description "LocIX Frankfurt: RS3 (v6)";
|
||||
|
||||
neighbor 2001:7f8:f2:e1::be5a;
|
||||
}
|
||||
|
||||
# iFog.ch
|
||||
protocol bgp locix_fra_ifog_v4 from locix_fra_v4 {
|
||||
description "LocIX Frankfurt: iFog (v4)";
|
||||
|
||||
neighbor 185.1.166.134 as 34927;
|
||||
|
||||
ipv4 {
|
||||
preference 90; # max MTU < 1500 ?:(
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp locix_fra_ifog_v6 from locix_fra_v6 {
|
||||
description "LocIX Frankfurt: iFog (v6)";
|
||||
|
||||
neighbor 2001:7f8:f2:e1:0:a120:4927:1 as 34927;
|
||||
|
||||
ipv6 {
|
||||
preference 90; # max MTU < 1500 ?:(
|
||||
};
|
||||
}
|
||||
|
||||
# AS112
|
||||
protocol bgp locix_fra_as112_v6 from locix_fra_v6 {
|
||||
description "LocIX Frankfurt: AS112 (v6)";
|
||||
|
||||
neighbor 2001:7f8:f2:e1::112 as 112;
|
||||
}
|
||||
|
||||
# Nato Research Ltd.
|
||||
protocol bgp locix_fra_nato_v4 from locix_fra_v4 {
|
||||
description "LocIX Frankfurt: Nato Research Ltd";
|
||||
|
||||
neighbor 185.1.166.227 as 46997;
|
||||
}
|
||||
|
||||
protocol bgp locix_fra_nato_v6 from locix_fra_v6 {
|
||||
description "LocIX Frankfurt: Nato Research Ltd";
|
||||
|
||||
neighbor 2001:7f8:f2:e1:0:a4:6997:1 as 46997;
|
||||
}
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
protocol bgp meerfarbig from ebgp_peer_v6 {
|
||||
description "meerfarbig (v6)";
|
||||
|
||||
local 2a00:f820:457::2;
|
||||
neighbor 2a00:f820:457::1 as 34549;
|
||||
}
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
protocol mrt {
|
||||
description "MRT Dumper";
|
||||
|
||||
disabled yes;
|
||||
|
||||
table "dn42_grc_*";
|
||||
where source = RTS_BGP;
|
||||
filename "/mnt/mrt/bird/%N_%F_%T.mrt";
|
||||
period 300;
|
||||
}
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
protocol bgp tb_openfactory from ebgp_peer_v6 {
|
||||
description "Openfactory Freetransit";
|
||||
|
||||
local 2a01:20e:1000:133::2;
|
||||
neighbor 2a01:20e:1000:133::1 as 41051;
|
||||
|
||||
ipv6 {
|
||||
preference 80;
|
||||
|
||||
export filter {
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
|
||||
if ebgp_export_v6() then
|
||||
accept;
|
||||
else
|
||||
reject;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -1,37 +0,0 @@
|
|||
include "/var/lib/bird/ripe_rcc_beacons.conf";
|
||||
|
||||
template bgp ripe_rcc_v4 {
|
||||
local 80.81.196.155 as 207613;
|
||||
neighbor as 12654;
|
||||
|
||||
ipv4 {
|
||||
table ebgp_v4;
|
||||
|
||||
import where net ~ ripe_rcc_beacons_v4;
|
||||
export none;# !!!! our ebgp_v4 table is bogus !!!!
|
||||
};
|
||||
}
|
||||
|
||||
template bgp ripe_rcc_v6 {
|
||||
local 2001:7f8::3:2afd:0:1 as 207613;
|
||||
neighbor as 12654;
|
||||
|
||||
ipv6 {
|
||||
table ebgp_v6;
|
||||
|
||||
import where net ~ ripe_rcc_beacons_v6;
|
||||
export all;
|
||||
};
|
||||
}
|
||||
|
||||
protocol bgp ripe_rrc12_v4 from ripe_rcc_v4 {
|
||||
description "RIPE RIS Route Collector RRC12 (v4)";
|
||||
|
||||
neighbor 80.81.192.152;
|
||||
}
|
||||
|
||||
protocol bgp ripe_rrc12_v6 from ripe_rcc_v6 {
|
||||
description "RIPE RIS Route Collector RRC12 (v6)";
|
||||
|
||||
neighbor 2001:7f8::316e:0:1;
|
||||
}
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
protocol rpki {
|
||||
roa6 {
|
||||
table roa_v6;
|
||||
};
|
||||
|
||||
remote "10.43.141.166" port 3323;
|
||||
|
||||
retry keep 90;
|
||||
refresh keep 900;
|
||||
expire keep 172800;
|
||||
}
|
||||
|
|
@ -1,65 +1,38 @@
|
|||
protocol static static_v4 {
|
||||
ipv4 {
|
||||
table master4;
|
||||
preference 100;
|
||||
};
|
||||
|
||||
# mail.0l.de
|
||||
route 31.47.232.67/32
|
||||
# hap-1.moon.vms.0l.de
|
||||
route 141.98.136.132/32
|
||||
via "virbr1";
|
||||
|
||||
# hap-0.0l.de
|
||||
route 31.47.232.68/32
|
||||
# idfx-1.moon.vms.0l.de
|
||||
route 141.98.136.133/32
|
||||
via "virbr1";
|
||||
|
||||
# k8s.0l.de
|
||||
route 31.47.232.69/32
|
||||
via "virbr1";
|
||||
|
||||
# tor.edgy.vms.0l.de
|
||||
route 31.47.232.70/32
|
||||
via "virbr1";
|
||||
|
||||
# Internal Transport
|
||||
route 172.23.156.0/27
|
||||
reject;
|
||||
|
||||
route 172.20.0.0/14
|
||||
reject;
|
||||
|
||||
# Marienstrasse
|
||||
route 192.168.178.0/24
|
||||
via 172.23.156.9;
|
||||
|
||||
route 0.0.0.0/0
|
||||
via 31.47.232.65;
|
||||
via l66_gw_v4;
|
||||
}
|
||||
|
||||
protocol static static_v6 {
|
||||
ipv6 {
|
||||
table master6;
|
||||
};
|
||||
protocol static static_v6 {
|
||||
ipv6;
|
||||
|
||||
# NAT64
|
||||
route 2a09:11c0:201::/96 reject;
|
||||
|
||||
# Docker on fedora-ws.edgy.vms.0l.de
|
||||
route 2a09:11c0:200:1100::/64
|
||||
via 2a09:11c0:200:101:5054:ff:fe99:c5c4;
|
||||
|
||||
route ::/0 reject;
|
||||
# route ::/0
|
||||
# via l66_gw_v6;
|
||||
}
|
||||
|
||||
|
||||
protocol static static_ebgp_v6 {
|
||||
ipv6 {
|
||||
table ebgp_v6;
|
||||
};
|
||||
|
||||
# My own prefixes for eBGP announcement
|
||||
route 2a09:11c0:203::/48 reject;
|
||||
|
||||
route 2a0e:97c7:100::/44 reject;
|
||||
route 2a09:11c0:200::/44 reject;
|
||||
route 2a09:4c2:1b::/48 reject;
|
||||
route 2a09:11c0:202::/48 reject;
|
||||
#route 2a0e:97c7:100::/44 reject;
|
||||
#route 2a09:11c0:200::/44 reject;
|
||||
#route 2a09:4c2:1b::/48 reject;
|
||||
}
|
||||
|
||||
protocol static static_ebgp_v4 {
|
||||
|
|
@ -68,24 +41,6 @@ protocol static static_ebgp_v4 {
|
|||
};
|
||||
|
||||
# For wireguard
|
||||
route 0.0.0.0/0 via 31.47.232.65;
|
||||
route 31.47.232.64/29 via "eno1";
|
||||
}
|
||||
|
||||
protocol static static_dn42_v4 {
|
||||
ipv4 {
|
||||
table dn42_v4;
|
||||
};
|
||||
|
||||
route 172.23.156.0/23
|
||||
reject;
|
||||
}
|
||||
|
||||
protocol static static_dn42_v6 {
|
||||
ipv6 {
|
||||
table dn42_v6;
|
||||
};
|
||||
|
||||
route fd42:4dd0:ff00::/48
|
||||
reject;
|
||||
route 0.0.0.0/0 via 141.98.136.129;
|
||||
route 141.98.136.128/29 via "bond0";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,20 +0,0 @@
|
|||
protocol bgp tb_he1 from ebgp_peer_v6 {
|
||||
description "tunnelserver.net (Hurricane Electric)";
|
||||
|
||||
local 2001:470:12:1ab::2;
|
||||
neighbor 2001:470:12:1ab::1 as 6939;
|
||||
|
||||
ipv6 {
|
||||
preference 80;
|
||||
|
||||
export filter {
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
bgp_path = prepend(bgp_path, my_ripe_asn);
|
||||
|
||||
if ebgp_export_v6() then
|
||||
accept;
|
||||
else
|
||||
reject;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -17,4 +17,3 @@ roa4 table roa_dn42_v4;
|
|||
|
||||
ipv6 table dn42_v6;
|
||||
roa6 table roa_dn42_v6;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,44 +0,0 @@
|
|||
template bgp dn42_peer {
|
||||
local as my_dn42_asn;
|
||||
|
||||
graceful restart on;
|
||||
}
|
||||
|
||||
template bgp dn42_peer_v46 from dn42_peer {
|
||||
ipv4 {
|
||||
table dn42_v4;
|
||||
|
||||
import keep filtered;
|
||||
import where dn42_import_v4();
|
||||
export where dn42_export_v4();
|
||||
};
|
||||
|
||||
ipv6 {
|
||||
table dn42_v6;
|
||||
|
||||
import keep filtered;
|
||||
import where dn42_import_v6();
|
||||
export where dn42_export_v6();
|
||||
};
|
||||
}
|
||||
|
||||
template bgp dn42_peer_v4 from dn42_peer {
|
||||
ipv4 {
|
||||
table dn42_v4;
|
||||
|
||||
import keep filtered;
|
||||
import where dn42_import_v4();
|
||||
export where dn42_export_v4();
|
||||
};
|
||||
}
|
||||
|
||||
template bgp dn42_peer_v6 from dn42_peer {
|
||||
ipv6 {
|
||||
table dn42_v6;
|
||||
|
||||
import keep filtered;
|
||||
import where dn42_import_v6();
|
||||
export where dn42_export_v6();
|
||||
};
|
||||
}
|
||||
|
||||
|
|
@ -2,7 +2,6 @@ template bgp ebgp_peer {
|
|||
local as my_ripe_asn;
|
||||
|
||||
graceful restart on;
|
||||
allow local as 1;
|
||||
}
|
||||
|
||||
template bgp ebgp_peer_v6 from ebgp_peer {
|
||||
|
|
|
|||
|
|
@ -1,27 +0,0 @@
|
|||
template bgp rr_clients {
|
||||
local as my_ripe_asn;
|
||||
neighbor as my_ripe_asn;
|
||||
|
||||
rr client;
|
||||
rr cluster id 172.23.156.3;
|
||||
|
||||
direct;
|
||||
|
||||
ipv4 {
|
||||
import keep filtered;
|
||||
import where ibgp_import_v4();
|
||||
export where ibgp_export_v4();
|
||||
|
||||
next hop self;
|
||||
aigp originate;
|
||||
};
|
||||
|
||||
ipv6 {
|
||||
import keep filtered;
|
||||
import where ibgp_import_v6();
|
||||
export where ibgp_export_v6();
|
||||
|
||||
next hop self;
|
||||
aigp originate;
|
||||
};
|
||||
}
|
||||
17
update.sh
17
update.sh
|
|
@ -1,17 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
git -C icvpn-meta/ pull
|
||||
|
||||
cd /etc/bird
|
||||
|
||||
icvpn-scripts/mkroa -s icvpn-meta > /var/lib/bird/icvpn_roa.conf
|
||||
|
||||
curl -sfSLR {-o,-z}/var/lib/bird/bird_roa_dn42_v4.conf https://dn42.burble.com/roa/dn42_roa_bird2_4.conf
|
||||
curl -sfSLR {-o,-z}/var/lib/bird/bird_roa_dn42_v6.conf https://dn42.burble.com/roa/dn42_roa_bird2_6.conf
|
||||
|
||||
bgpq3 -b -3 -4 AS12654:RS-RIS -l "define ripe_rcc_beacons_v4" > /var/lib/bird/ripe_rcc_beacons.conf
|
||||
bgpq3 -b -3 -6 AS12654:RS-RIS -l "define ripe_rcc_beacons_v6" >> /var/lib/bird/ripe_rcc_beacons.conf
|
||||
bgpq3 -b -3 -6 AS-HETNiX -l "define hetnix_v6" > /var/lib/bird/hetnix_v6.conf
|
||||
|
||||
# Maybe do a 'birdc configure check' before?
|
||||
birdc configure
|
||||
Loading…
Add table
Reference in a new issue