Doc: Redesign default config file
The old one does not work with 2.0.x.
parent
89ac4dd3c4
commit
3b522a1e5c
@ -1,222 +1,204 @@
|
|||||||
/*
|
# This is a basic configuration file, which contains boilerplate options and
|
||||||
* This is an example configuration file
|
# some basic examples. It allows the BIRD daemon to start but will not cause
|
||||||
* (for version 1.x.x, obsolete)
|
# anything else to happen.
|
||||||
*/
|
#
|
||||||
|
# Please refer to the BIRD User's Guide documentation, which is also available
|
||||||
# Yes, even shell-like comments work...
|
# online at http://bird.network.cz/ in HTML format, for more information on
|
||||||
|
# configuring BIRD and adding routing protocols.
|
||||||
|
|
||||||
# Configure logging
|
# Configure logging
|
||||||
#log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };
|
log syslog all;
|
||||||
#log stderr all;
|
# log "/var/log/bird.log" { debug, trace, info, remote, warning, error, auth, fatal, bug };
|
||||||
#log "tmp" all;
|
|
||||||
|
|
||||||
# Override router ID
|
# Set router ID. It is a unique identification of your router, usually one of
|
||||||
|
# IPv4 addresses of the router. It is recommended to configure it explicitly.
|
||||||
# router id 198.51.100.1;
|
# router id 198.51.100.1;
|
||||||
|
|
||||||
# You can define your own symbols...
|
# Turn on global debugging of all protocols (all messages or just selected classes)
|
||||||
#define xyzzy = (120+10);
|
|
||||||
#define '1a-a1' = (30+40);
|
|
||||||
|
|
||||||
# Define a route filter...
|
|
||||||
#filter test_filter {
|
|
||||||
# if net ~ 10.0.0.0/16 then accept;
|
|
||||||
# else reject;
|
|
||||||
#}
|
|
||||||
|
|
||||||
#filter sink { reject; }
|
|
||||||
#filter okay { accept; }
|
|
||||||
|
|
||||||
#include "filters.conf";
|
|
||||||
|
|
||||||
# Define another routing table
|
|
||||||
#table testable;
|
|
||||||
|
|
||||||
# Turn on global debugging of all protocols
|
|
||||||
# debug protocols all;
|
# debug protocols all;
|
||||||
|
# debug protocols { events, states };
|
||||||
|
|
||||||
# Turn on internal watchdog
|
# Turn on internal watchdog
|
||||||
# watchdog warning 5 s;
|
# watchdog warning 5 s;
|
||||||
# watchdog timeout 30 s;
|
# watchdog timeout 30 s;
|
||||||
|
|
||||||
# The direct protocol automatically generates device routes to
|
# You can define your own constants
|
||||||
# all network interfaces. Can exist in as many instances as you wish
|
# define my_asn = 65000;
|
||||||
# if you want to populate multiple routing tables with device routes.
|
# define my_addr = 198.51.100.1;
|
||||||
#protocol direct {
|
|
||||||
# interface "-eth*", "*"; # Restrict network interfaces it works with
|
|
||||||
#}
|
|
||||||
|
|
||||||
# This pseudo-protocol performs synchronization between BIRD's routing
|
# Tables master4 and master6 are defined by default
|
||||||
# tables and the kernel. If your kernel supports multiple routing tables
|
# ipv4 table master4;
|
||||||
# (as Linux 2.2.x does), you can run multiple instances of the kernel
|
# ipv6 table master6;
|
||||||
# protocol and synchronize different kernel tables with different BIRD tables.
|
|
||||||
protocol kernel {
|
|
||||||
# learn; # Learn all alien routes from the kernel
|
|
||||||
persist; # Don't remove routes on bird shutdown
|
|
||||||
scan time 20; # Scan kernel routing table every 20 seconds
|
|
||||||
# import none; # Default is import all
|
|
||||||
export all; # Default is export none
|
|
||||||
# kernel table 5; # Kernel table to synchronize with (default: main)
|
|
||||||
}
|
|
||||||
|
|
||||||
# This pseudo-protocol watches all interface up/down events.
|
# Define more tables, e.g. for policy routing or as MRIB
|
||||||
|
# ipv4 table mrib4;
|
||||||
|
# ipv6 table mrib6;
|
||||||
|
|
||||||
|
# The Device protocol is not a real routing protocol. It does not generate any
|
||||||
|
# routes and it only serves as a module for getting information about network
|
||||||
|
# interfaces from the kernel. It is necessary in almost any configuration.
|
||||||
protocol device {
|
protocol device {
|
||||||
scan time 10; # Scan interfaces every 10 seconds
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Static routes (again, there can be multiple instances, so that you
|
# The direct protocol is not a real routing protocol. It automatically generates
|
||||||
# can disable/enable various groups of static routes on the fly).
|
# direct routes to all network interfaces. Can exist in as many instances as you
|
||||||
|
# wish if you want to populate multiple routing tables with direct routes.
|
||||||
|
protocol direct {
|
||||||
|
disabled; # Disable by default
|
||||||
|
ipv4; # Connect to default IPv4 table
|
||||||
|
ipv6; # ... and to default IPv6 table
|
||||||
|
}
|
||||||
|
|
||||||
|
# The Kernel protocol is not a real routing protocol. Instead of communicating
|
||||||
|
# with other routers in the network, it performs synchronization of BIRD
|
||||||
|
# routing tables with the OS kernel. One instance per table.
|
||||||
|
protocol kernel {
|
||||||
|
ipv4 { # Connect protocol to IPv4 table by channel
|
||||||
|
# table master4; # Default IPv4 table is master4
|
||||||
|
# import all; # Import to table, default is import all
|
||||||
|
export all; # Export to protocol. default is export none
|
||||||
|
};
|
||||||
|
# learn; # Learn alien routes from the kernel
|
||||||
|
# kernel table 10; # Kernel table to synchronize with (default: main)
|
||||||
|
}
|
||||||
|
|
||||||
|
# Another instance for IPv6, skipping default options
|
||||||
|
protocol kernel {
|
||||||
|
ipv6 { export all; };
|
||||||
|
}
|
||||||
|
|
||||||
|
# Static routes (Again, there can be multiple instances, for different address
|
||||||
|
# families and to disable/enable various groups of static routes on the fly).
|
||||||
protocol static {
|
protocol static {
|
||||||
# disabled; # Disable by default
|
ipv4; # Again, IPv4 channel with default options
|
||||||
# table testable; # Connect to a non-default table
|
|
||||||
# preference 1000; # Default preference of routes
|
# route 0.0.0.0/0 via 198.51.100.10;
|
||||||
# debug { states, routes, filters, interfaces, events, packets };
|
# route 192.0.2.0/24 blackhole;
|
||||||
# debug all;
|
|
||||||
# route 0.0.0.0/0 via 198.51.100.13;
|
|
||||||
# route 198.51.100.0/25 unreachable;
|
|
||||||
# route 10.0.0.0/8 unreachable;
|
# route 10.0.0.0/8 unreachable;
|
||||||
# route 10.1.1.0:255.255.255.0 via 198.51.100.3;
|
# route 10.2.0.0/24 via "eth0";
|
||||||
# route 10.1.2.0:255.255.255.0 via 198.51.100.3;
|
# # Static routes can be defined with optional attributes
|
||||||
# route 10.1.3.0:255.255.255.0 via 198.51.100.4;
|
# route 10.1.1.0/24 via 198.51.100.3 { rip_metric = 3; };
|
||||||
# route 10.2.0.0/24 via "arc0";
|
# route 10.1.2.0/24 via 198.51.100.3 { ospf_metric1 = 100; };
|
||||||
|
# route 10.1.3.0/24 via 198.51.100.4 { ospf_metric2 = 100; };
|
||||||
}
|
}
|
||||||
|
|
||||||
# Pipe protocol connects two routing tables... Beware of loops.
|
# Pipe protocol connects two routing tables. Beware of loops.
|
||||||
# protocol pipe {
|
# protocol pipe {
|
||||||
# peer table testable;
|
# table master4; # No ipv4/ipv6 channel definition like in other protocols
|
||||||
# Define what routes do we export to this protocol / import from it.
|
# peer table mrib4;
|
||||||
# import all; # default is all
|
# import all; # Direction peer table -> table
|
||||||
# export all; # default is none
|
# export all; # Direction table -> peer table
|
||||||
# import none; # If you wish to disable imports
|
|
||||||
# import filter test_filter; # Use named filter
|
|
||||||
# import where source = RTS_DEVICE; # Use explicit filter
|
|
||||||
# }
|
# }
|
||||||
|
|
||||||
# RIP aka Rest In Pieces...
|
# RIP example, both RIP and RIPng are supported
|
||||||
#protocol rip MyRIP { # You can also use an explicit name
|
# protocol rip {
|
||||||
# preference xyzzy;
|
# ipv4 {
|
||||||
# debug all;
|
# # Export direct, static routes and ones from RIP itself
|
||||||
# port 1520;
|
# import all;
|
||||||
# period 7;
|
# export where source ~ [ RTS_DEVICE, RTS_STATIC, RTS_RIP ];
|
||||||
# infinity 16;
|
|
||||||
# garbage time 60;
|
|
||||||
# interface "*" { mode broadcast; };
|
|
||||||
# honor neighbor; # To whom do we agree to send the routing table
|
|
||||||
# honor always;
|
|
||||||
# honor never;
|
|
||||||
# passwords {
|
|
||||||
# password "nazdar";
|
|
||||||
# };
|
# };
|
||||||
# authentication none;
|
|
||||||
# import filter { print "importing"; accept; };
|
|
||||||
# export filter { print "exporting"; accept; };
|
|
||||||
#}
|
|
||||||
|
|
||||||
#protocol ospf MyOSPF {
|
|
||||||
# tick 2;
|
|
||||||
# rfc1583compat yes;
|
|
||||||
# area 0.0.0.0 {
|
|
||||||
# stub no;
|
|
||||||
# interface "eth*" {
|
# interface "eth*" {
|
||||||
# hello 9;
|
# update time 10; # Default period is 30
|
||||||
# retransmit 6;
|
# timeout time 60; # Default timeout is 180
|
||||||
# cost 10;
|
# authentication cryptographic; # No authentication by default
|
||||||
# transmit delay 5;
|
# password "hello" { algorithm hmac sha256; }; # Default is MD5
|
||||||
# dead count 5;
|
|
||||||
# wait 50;
|
|
||||||
# type broadcast;
|
|
||||||
# authentication simple;
|
|
||||||
# password "pass";
|
|
||||||
# };
|
|
||||||
# interface "arc0" {
|
|
||||||
# rx buffer large;
|
|
||||||
# type nonbroadcast;
|
|
||||||
# poll 14;
|
|
||||||
# dead 75;
|
|
||||||
# neighbors {
|
|
||||||
# 10.1.1.2 eligible;
|
|
||||||
# 10.1.1.4;
|
|
||||||
# };
|
|
||||||
# strict nonbroadcast yes;
|
|
||||||
# };
|
|
||||||
# interface "xxx0" {
|
|
||||||
# passwords {
|
|
||||||
# password "abc" {
|
|
||||||
# id 1;
|
|
||||||
# generate to "22-04-2003 11:00:06";
|
|
||||||
# accept to "17-01-2004 12:01:05";
|
|
||||||
# };
|
|
||||||
# password "def" {
|
|
||||||
# id 2;
|
|
||||||
# generate from "22-04-2003 11:00:07";
|
|
||||||
# accept from "17-01-2003 12:01:05";
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
# authentication cryptographic;
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
# area 20 {
|
|
||||||
# stub 1;
|
|
||||||
# interface "ppp1" {
|
|
||||||
# hello 8;
|
|
||||||
# authentication none;
|
|
||||||
# };
|
|
||||||
# interface "fr*";
|
|
||||||
# virtual link 192.168.0.1 {
|
|
||||||
# password "sdsdffsdfg";
|
|
||||||
# authentication cryptographic;
|
|
||||||
# };
|
|
||||||
# };
|
# };
|
||||||
# }
|
# }
|
||||||
|
|
||||||
|
# OSPF example, both OSPFv2 and OSPFv3 are supported
|
||||||
#protocol bgp {
|
# protocol ospf v3 {
|
||||||
# disabled;
|
# ipv6 {
|
||||||
# description "My BGP uplink";
|
# import all;
|
||||||
# local as 65000;
|
|
||||||
# neighbor 198.51.100.130 as 64496;
|
|
||||||
# multihop;
|
|
||||||
# hold time 240;
|
|
||||||
# startup hold time 240;
|
|
||||||
# connect retry time 120;
|
|
||||||
# keepalive time 80; # defaults to hold time / 3
|
|
||||||
# start delay time 5; # How long do we wait before initial connect
|
|
||||||
# error wait time 60, 300;# Minimum and maximum time we wait after an error (when consecutive
|
|
||||||
# # errors occur, we increase the delay exponentially ...
|
|
||||||
# error forget time 300; # ... until this timeout expires)
|
|
||||||
# disable after error; # Disable the protocol automatically when an error occurs
|
|
||||||
# next hop self; # Disable next hop processing and always advertise our local address as nexthop
|
|
||||||
# path metric 1; # Prefer routes with shorter paths (like Cisco does)
|
|
||||||
# default bgp_med 0; # MED value we use for comparison when none is defined
|
|
||||||
# default bgp_local_pref 0; # The same for local preference
|
|
||||||
# source address 198.51.100.14; # What local address we use for the TCP connection
|
|
||||||
# password "secret"; # Password used for MD5 authentication
|
|
||||||
# rr client; # I am a route reflector and the neighor is my client
|
|
||||||
# rr cluster id 1.0.0.1; # Use this value for cluster id instead of my router id
|
|
||||||
# export where source = RTS_STATIC;
|
# export where source = RTS_STATIC;
|
||||||
# export filter {
|
# };
|
||||||
# if source = RTS_STATIC then {
|
# area 0 {
|
||||||
# bgp_community = -empty-; bgp_community = add(bgp_community,(65000,5678));
|
# interface "eth*" {
|
||||||
# bgp_origin = 0;
|
# type broadcast; # Detected by default
|
||||||
# bgp_community = -empty-; bgp_community.add((65000,5678));
|
# cost 10; # Interface metric
|
||||||
# if (65000,64501) ~ bgp_community then
|
# hello 5; # Default hello perid 10 is too long
|
||||||
# bgp_community.add((0, 1));
|
# };
|
||||||
# if bgp_path ~ [= 65000 =] then
|
# interface "tun*" {
|
||||||
# bgp_path.prepend(65000);
|
# type ptp; # PtP mode, avoids DR selection
|
||||||
# accept;
|
# cost 100; # Interface metric
|
||||||
# }
|
# hello 5; # Default hello perid 10 is too long
|
||||||
# reject;
|
# };
|
||||||
|
# interface "dummy0" {
|
||||||
|
# stub; # Stub interface, just propagate it
|
||||||
|
# };
|
||||||
# };
|
# };
|
||||||
#}
|
#}
|
||||||
|
|
||||||
|
# Define simple filter as an example for BGP import filter
|
||||||
|
# See https://gitlab.labs.nic.cz/labs/bird/wikis/BGP_filtering for more examples
|
||||||
|
# filter rt_import
|
||||||
|
# {
|
||||||
|
# if bgp_path.first != 64496 then accept;
|
||||||
|
# if bgp_path.len > 64 then accept;
|
||||||
|
# if bgp_next_hop != from then accept;
|
||||||
|
# reject;
|
||||||
|
# }
|
||||||
|
|
||||||
|
# BGP example, explicit name 'uplink1' is used instead of default 'bgp1'
|
||||||
|
# protocol bgp uplink1 {
|
||||||
|
# description "My BGP uplink";
|
||||||
|
# local 198.51.100.1 as 65000;
|
||||||
|
# neighbor 198.51.100.10 as 64496;
|
||||||
|
# hold time 90; # Default is 240
|
||||||
|
# password "secret"; # Password used for MD5 authentication
|
||||||
#
|
#
|
||||||
# Template usage example
|
# ipv4 { # regular IPv4 unicast (1/1)
|
||||||
#template bgp rr_client {
|
# import filter rt_import;
|
||||||
# disabled;
|
# export where source ~ [ RTS_STATIC, RTS_BGP ];
|
||||||
# local as 65000;
|
# };
|
||||||
# multihop;
|
#
|
||||||
|
# ipv6 { # regular IPv6 unicast (2/1)
|
||||||
|
# import filter rt_import;
|
||||||
|
# export filter { # The same as 'where' expression above
|
||||||
|
# if source ~ [ RTS_STATIC, RTS_BGP ]
|
||||||
|
# then accept;
|
||||||
|
# else reject;
|
||||||
|
# };
|
||||||
|
# };
|
||||||
|
#
|
||||||
|
# ipv4 multicast { # IPv4 multicast topology (1/2)
|
||||||
|
# table mrib4; # explicit IPv4 table
|
||||||
|
# import filter rt_import;
|
||||||
|
# export all;
|
||||||
|
# };
|
||||||
|
#
|
||||||
|
# ipv6 multicast { # IPv6 multicast topology (2/2)
|
||||||
|
# table mrib6; # explicit IPv6 table
|
||||||
|
# import filter rt_import;
|
||||||
|
# export all;
|
||||||
|
# };
|
||||||
|
#}
|
||||||
|
|
||||||
|
# Template example. Using templates to define IBGP route reflector clients.
|
||||||
|
# template bgp rr_clients {
|
||||||
|
# local 10.0.0.1 as 65000;
|
||||||
|
# neighbor as 65000;
|
||||||
# rr client;
|
# rr client;
|
||||||
# rr cluster id 1.0.0.1;
|
# rr cluster id 1.0.0.1;
|
||||||
|
#
|
||||||
|
# ipv4 {
|
||||||
|
# import all;
|
||||||
|
# export where source = RTS_BGP;
|
||||||
|
# };
|
||||||
|
#
|
||||||
|
# ipv6 {
|
||||||
|
# import all;
|
||||||
|
# export where source = RTS_BGP;
|
||||||
|
# };
|
||||||
# }
|
# }
|
||||||
#
|
#
|
||||||
#protocol bgp rr_abcd from rr_client {
|
# protocol bgp client1 from rr_clients {
|
||||||
# neighbor 10.1.4.7 as 65000;
|
# neighbor 10.0.1.1;
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# protocol bgp client2 from rr_clients {
|
||||||
|
# neighbor 10.0.2.1;
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# protocol bgp client3 from rr_clients {
|
||||||
|
# neighbor 10.0.3.1;
|
||||||
# }
|
# }
|
||||||
|
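Review bot: The commented `filter rt_import` example in the new file appears to have its verdicts inverted: a route is accepted when `bgp_path.first != 64496`, when `bgp_path.len > 64`, or when `bgp_next_hop != from`, and any route that passes all three sanity checks falls through to `reject;`. The `protocol bgp uplink1` example uses it as `import filter rt_import` for neighbor AS 64496, so an operator who uncomments both would import exactly the routes these checks are meant to keep out and drop the well-formed ones. Each of the three `then accept;` should read `then reject;`, and the closing `reject;` should be `accept;`. Separately, the `password "secret";` and `password "hello"` lines would benefit from a comment such as `# placeholder, replace with a per-peer secret` so the sample value is not deployed as is.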