Anonet/BIRD

From Qontrol.nl Wiki
Jump to: navigation, search

This normally goes in /etc/bird.conf:

log syslog { debug, trace, info, remote, error, auth, fatal, bug };

#Your router ID is formatted as an IP address. It should be unique, so you should use one of your local IP addresses.
router id 21.2.3.4;

#This filter allows prefixes in dn42, as well as the big anonet network
filter dn42 {
	if net = 172.16.0.0/12 then reject;
	if net = 172.22.0.0/15 then reject;
	if net ~ 172.16.0.0/12 then accept;
	if net = 21.0.0.0/8 then accept;
	reject;
}
#This filter allows prefixes in anonet, as well as the big dn42 network
filter anonet {
	if net = 21.0.0.0/8 then reject;
	if net ~ 21.0.0.0/8 then accept;
	if net = 172.16.0.0/12 then accept;
	if net = 172.22.0.0/15 then accept;
	reject;
}

protocol kernel {
#	learn;			# Learn all alien routes from the kernel
	persist;		# Don't remove routes on bird shutdown
	scan time 20;		# Scan kernel routing table every 20 seconds
#	import none;		# Default is import all
	import all;
	export all;		# Default is export none
}

protocol device {
	scan time 30;		# Scan interfaces every 10 seconds
}

#This is where we define our local network. If you just use the network only
#on this host, or use individual IP addresses, use the reject statement.
#Alternatively, you can route your entire subnetwork to a specific interface.
protocol static {
	route 21.2.3.0/24 reject;
#	route 21.2.3.0/24 via "eth0";
}

#This is a peering with a trusted machine, we exchange all routes
#Jupiter is just a name we give this connection, for use in the
#interactive control shell 'birdc'.
#protocol bgp jupiter {
#	local as 64530;
#	neighbor 10.11.1.2 as 64521;
#	import all; export all;
#}

#This is a peering with an anonet peer
protocol bgp as1112 {
	local as 1234;
	neighbor 21.82.98.2 as 1112;
	export filter anonet; import filter anonet;
}

#To add another anonet peer, add another protocol block.