bird/filters/ebgp.conf
2020-08-24 10:13:07 +02:00

62 lines
1.2 KiB
Text

function ebgp_import_v4()
bool ok;
{
ok = false;
return ok;
}
function ebgp_import_v6()
bool ok;
{
ok = true;
# Make sure we dont use peering IPs for originating traffic
krt_prefsrc = 2a09:11c0:200::14;
if roa_check(roa_v6, net, bgp_path.last_nonaggregated) = ROA_VALID then
bgp_large_community.add(informational_rpki_valid);
else if roa_check(roa_v6, net, bgp_path.last_nonaggregated) = ROA_UNKNOWN then
bgp_large_community.add(informational_rpki_unknown);
else if roa_check(roa_v6, net, bgp_path.last_nonaggregated) = ROA_INVALID then {
print "Ignore RPKI invalid ", net, " for ASN ", bgp_path.last, " from ", proto;
bgp_large_community.add(informational_rpki_invalid);
ok = false;
}
else
bgp_large_community.add(informational_rpki_not_checked);
if net.len > 48 then {
bgp_large_community.add(filtered_import_prefix_too_long);
ok = false;
}
if bgp_path.len > 64 then {
bgp_large_community.add(filtered_import_as_path_too_long);
ok = false;
}
return ok;
}
function ebgp_export_v4()
bool ok;
{
# I dont have ane IPv4 prefixes :(
return false;
}
function ebgp_export_v6()
bool ok;
{
ok = true;
if ! is_mine_ripe() then
ok = false;
if net = 2a09:11c0:202::/48 then
ok = false;
return ok;
}