mirror of
https://gitlab.nic.cz/labs/bird.git
synced 2024-11-09 12:48:43 +00:00
268 lines
4.5 KiB
Plaintext
268 lines
4.5 KiB
Plaintext
/*
|
|
* This is an example configuration file for MB-BGP setting
|
|
*/
|
|
|
|
|
|
log "bird.log" all;
|
|
# debug protocols all;
|
|
|
|
router id 192.168.1.1;
|
|
|
|
ipv4 table master4;
|
|
ipv6 table master6;
|
|
|
|
ipv4 table mcast4;
|
|
ipv6 table mcast6;
|
|
|
|
flow4 table flowtab4;
|
|
flow6 table flowtab6;
|
|
|
|
|
|
protocol device {
|
|
scan time 10;
|
|
}
|
|
|
|
protocol kernel kernel4 {
|
|
scan time 20;
|
|
|
|
ipv4 {
|
|
export all;
|
|
};
|
|
}
|
|
|
|
protocol kernel kernel6 {
|
|
scan time 20;
|
|
|
|
ipv6 {
|
|
export all;
|
|
};
|
|
}
|
|
|
|
|
|
protocol static static4 {
|
|
ipv4;
|
|
|
|
route 10.10.0.0/24 via 192.168.1.2;
|
|
route 10.10.1.0/24 via 192.168.1.2 { bgp_large_community.add((10,20,30)); bgp_large_community.add((10,(20*3),10)); };
|
|
}
|
|
|
|
protocol static static6 {
|
|
ipv6;
|
|
|
|
route 2001:db8:10:10::/64 via 2001:db8:1:1::10;
|
|
route 2001:db8:10:11::/64 via 2001:db8:1:1::10;
|
|
|
|
route 2001:db8:1:1::/64 via fe80::ec9b:67ff:fe60:fd5d % ve1;
|
|
}
|
|
|
|
# RFC 5575 flow specification
|
|
protocol static flowstat4 {
|
|
flow4;
|
|
|
|
route flow4 {
|
|
dst 10.0.0.0/8;
|
|
proto = 23;
|
|
dport > 24 && < 30 || 40..50,60..70,80;
|
|
sport > 24 && < 30 || = 40 || 50,60..70,80;
|
|
icmp type 80;
|
|
icmp code 90;
|
|
tcp flags 0x03/0x0f;
|
|
length 2048..65535;
|
|
dscp = 63;
|
|
fragment dont_fragment, is_fragment || !first_fragment;
|
|
} drop;
|
|
|
|
route flow4 {
|
|
dst 11.0.0.0/8;
|
|
proto = 0x12;
|
|
sport > 0x5678 && < 0x9abc || 0xdef0 || 0x1234,0x5678,0x9abc..0xdef0;
|
|
dport = 50;
|
|
tcp flags 0xabcd/0xbbdd;
|
|
} drop;
|
|
|
|
route flow4 {
|
|
dst 12.0.0.0/32;
|
|
tcp flags ! 0 / 0x9999;
|
|
} drop;
|
|
|
|
route flow4 {
|
|
dst 220.0.254.0/24;
|
|
tcp flags 0x99 / 0x9999;
|
|
} drop;
|
|
|
|
route flow4 {
|
|
dst 220.0.254.192/28;
|
|
tcp flags !0xffff / 0xFFFF;
|
|
} drop;
|
|
|
|
route flow4 {
|
|
dst 15.0.0.0/8;
|
|
tcp flags !0x9999/0x9999;
|
|
} drop;
|
|
}
|
|
|
|
protocol static flowstat6 {
|
|
flow6;
|
|
|
|
route flow6 {
|
|
dst fec0:1122:3344:5566::1/128;
|
|
src 0000:0000:0000:0001:1234:5678:9800:0000/101 offset 63;
|
|
next header = 23;
|
|
sport 24..30, 42 || 50,60,70..80;
|
|
dport = 50;
|
|
tcp flags 0x03/0x0f, !0/0xff || 0x33/0x33;
|
|
fragment !is_fragment || !first_fragment;
|
|
label 0xaaaa/0xaaaa && 0x33/0x33;
|
|
} drop;
|
|
|
|
route flow6 {
|
|
dst fec0:1122:3344:5566::1/128;
|
|
src ::1:1234:5678:9800:0/101 offset 63;
|
|
next header = 23;
|
|
dport = 50;
|
|
sport > 24 && < 30 || = 40 || = 50 || = 60 || >= 70 && <= 80;
|
|
tcp flags 0x3/0x3 && 0x0/0xc;
|
|
} drop;
|
|
}
|
|
|
|
|
|
protocol pipe {
|
|
table master4;
|
|
peer table mcast4;
|
|
import none;
|
|
export where source = RTS_OSPF;
|
|
}
|
|
|
|
protocol pipe {
|
|
table master6;
|
|
peer table mcast6;
|
|
import none;
|
|
export where source = RTS_OSPF;
|
|
}
|
|
|
|
protocol ospf2 ospf4 {
|
|
# ecmp;
|
|
|
|
ipv4 {
|
|
import all;
|
|
# export where source = RTS_STATIC;
|
|
};
|
|
|
|
area 0 {
|
|
interface "ve0" { stub; };
|
|
interface "ve1" { hello 5; type ptp; };
|
|
interface "ve2" { hello 5; type bcast; ttl security; };
|
|
interface "ve3" { hello 5; type bcast; ttl security; };
|
|
};
|
|
}
|
|
|
|
|
|
protocol ospf3 ospf6 {
|
|
# ecmp;
|
|
|
|
ipv6 {
|
|
import all;
|
|
# export where source = RTS_STATIC;
|
|
};
|
|
|
|
area 0 {
|
|
interface "ve0" { stub; };
|
|
interface "ve1" { hello 5; type ptp; };
|
|
interface "ve2" { hello 5; type bcast; };
|
|
};
|
|
}
|
|
|
|
protocol bgp {
|
|
local 192.168.11.1 as 1000;
|
|
neighbor 192.168.11.2 as 2000;
|
|
# local 192.168.1.1 as 1000;
|
|
# neighbor 192.168.2.1 as 2000;
|
|
# multihop;
|
|
# rr client;
|
|
# strict bind;
|
|
# debug all;
|
|
|
|
# regular IPv4 unicast (1/1)
|
|
ipv4 {
|
|
# connects to master4 table by default
|
|
import all;
|
|
export where source ~ [ RTS_STATIC, RTS_BGP ];
|
|
};
|
|
|
|
# regular IPv6 unicast (2/1)
|
|
ipv6 {
|
|
# connects to master6 table by default
|
|
import all;
|
|
export where source ~ [ RTS_STATIC, RTS_BGP ];
|
|
# next hop address 2001:db8:1:1::1;
|
|
};
|
|
|
|
# IPv4 multicast topology (1/2)
|
|
ipv4 multicast {
|
|
# explicit IPv4 table
|
|
table mcast4;
|
|
import all;
|
|
export all;
|
|
};
|
|
|
|
# IPv6 multicast topology (2/2)
|
|
ipv6 multicast {
|
|
# explicit IPv6 table
|
|
table mcast6;
|
|
import all;
|
|
export all;
|
|
# next hop address 2001:db8:1:1::1;
|
|
};
|
|
|
|
# IPv4 Flowspec (1/133)
|
|
flow4 {
|
|
# connects to flowtab4 table by default
|
|
import all;
|
|
export all;
|
|
};
|
|
|
|
# IPv6 Flowspec (2/133)
|
|
flow6 {
|
|
# connects to flowtab6 table by default
|
|
import all;
|
|
export all;
|
|
};
|
|
}
|
|
|
|
protocol bgp {
|
|
local 192.168.1.1 as 1000;
|
|
neighbor 192.168.3.1 as 1000;
|
|
multihop;
|
|
rr client;
|
|
|
|
ipv4 {
|
|
import all;
|
|
export where source ~ [ RTS_STATIC, RTS_BGP ];
|
|
};
|
|
|
|
ipv6 {
|
|
import all;
|
|
export where source ~ [ RTS_STATIC, RTS_BGP ];
|
|
next hop address 2001:db8:1:1::1;
|
|
};
|
|
}
|
|
|
|
protocol bgp {
|
|
local 2001:db8:1:1::1 as 1000;
|
|
neighbor 2001:db8:4:1::1 as 1000;
|
|
multihop;
|
|
rr client;
|
|
|
|
ipv4 {
|
|
import all;
|
|
export where source ~ [ RTS_STATIC, RTS_BGP ];
|
|
next hop address 192.168.4.1;
|
|
};
|
|
|
|
ipv6 {
|
|
import all;
|
|
export where source ~ [ RTS_STATIC, RTS_BGP ];
|
|
};
|
|
}
|
|
|