Anonet/BIRD: Difference between revisions
mNo edit summary |
No edit summary |
||
Line 4: | Line 4: | ||
#Your router ID is formatted as an IP address. It should be unique, so you should use one of your local IP addresses. | #Your router ID is formatted as an IP address. It should be unique, so you should use one of your local IP addresses. | ||
router id | router id 21.2.3.4; | ||
#This filter allows prefixes in dn42, as well as the big anonet network | #This filter allows prefixes in dn42, as well as the big anonet network | ||
Line 11: | Line 11: | ||
if net = 172.22.0.0/15 then reject; | if net = 172.22.0.0/15 then reject; | ||
if net ~ 172.16.0.0/12 then accept; | if net ~ 172.16.0.0/12 then accept; | ||
if net = | if net = 21.0.0.0/8 then accept; | ||
reject; | reject; | ||
} | } | ||
#This filter allows prefixes in anonet, as well as the big dn42 network | #This filter allows prefixes in anonet, as well as the big dn42 network | ||
filter anonet { | filter anonet { | ||
if net = | if net = 21.0.0.0/8 then reject; | ||
if net ~ | if net ~ 21.0.0.0/8 then accept; | ||
if net = 172.16.0.0/12 then accept; | if net = 172.16.0.0/12 then accept; | ||
if net = 172.22.0.0/15 then accept; | if net = 172.22.0.0/15 then accept; | ||
Line 40: | Line 40: | ||
#Alternatively, you can route your entire subnetwork to a specific interface. | #Alternatively, you can route your entire subnetwork to a specific interface. | ||
protocol static { | protocol static { | ||
route | route 21.2.3.0/24 reject; | ||
# route | # route 21.2.3.0/24 via "eth0"; | ||
} | } | ||
Line 56: | Line 56: | ||
protocol bgp as1112 { | protocol bgp as1112 { | ||
local as 1234; | local as 1234; | ||
neighbor | neighbor 21.82.98.2 as 1112; | ||
export filter anonet; import filter anonet; | export filter anonet; import filter anonet; | ||
} | } |
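Review bot: In `filter anonet`, the new line `if net ~ 21.0.0.0/8 then accept;` matches every subnet of the /8 down to /32, and the `as1112` session applies the same filter to both import and export. A peer can therefore inject arbitrarily specific routes, including more-specifics of your own 21.2.3.0/24, and this router will re-announce them. Consider bounding the length with a prefix set, for example `if net ~ [ 21.0.0.0/8{9,24} ] then accept;`, with the bounds replaced by whatever the network's allocation policy really is. The full configuration lower on the page has `export all` in `protocol kernel`, so this filter is the only gate before a route reaches the kernel table. Because 21.0.0.0/8 is not RFC 1918 space, a comment should also warn against attaching this filter to an Internet-facing session; the filter's closing `reject; }` lies outside the displayed hunk.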
Revision as of 20:21, 14 March 2017
This normally goes in /etc/bird.conf:
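# Example /etc/bird.conf for an anonet node that also knows about dn42.
# The addresses, AS numbers and peer below are the page's sample values;
# replace every one of them with your own before use.
#
# Line breaks matter: a '#' comments out the rest of its line, so this file
# must not be pasted as a single line.

log syslog { debug, trace, info, remote, error, auth, fatal, bug };

# Your router ID is formatted as an IP address. It should be unique, so you
# should use one of your local IP addresses.
router id 21.2.3.4;

# This filter allows prefixes in dn42, as well as the big anonet network.
# Rule order is significant: the two exact-match rejects drop the bare
# aggregates first, then the subnet match accepts everything else inside
# 172.16.0.0/12, then the anonet /8 is accepted only as an exact aggregate.
# NOTE(review): "net ~ 172.16.0.0/12" has no prefix-length bound, so it
# accepts anything down to /32. A prefix set such as
#   net ~ [ 172.16.0.0/12{13,28} ]
# would bound it (bounds here are illustrative; use your network's policy).
# NOTE(review): no protocol block shown in this file references this filter.
filter dn42 {
	if net = 172.16.0.0/12 then reject;
	if net = 172.22.0.0/15 then reject;
	if net ~ 172.16.0.0/12 then accept;
	if net = 21.0.0.0/8 then accept;
	reject;
}

# This filter allows prefixes in anonet, as well as the big dn42 network.
# The bare 21.0.0.0/8 aggregate is rejected, every subnet of it is accepted,
# and the two dn42 ranges are accepted only as exact aggregates.
# NOTE(review): "net ~ 21.0.0.0/8" has no prefix-length bound, so a peer can
# announce host routes or more-specifics of your own 21.2.3.0/24 and they
# will be accepted (and, on export, passed on). Consider for example
#   if net ~ [ 21.0.0.0/8{9,24} ] then accept;
# with bounds taken from the network's allocation policy (illustrative here).
# NOTE(review): 21.0.0.0/8 is not RFC 1918 space. Never attach this filter
# to a session that faces the public Internet.
filter anonet {
	if net = 21.0.0.0/8 then reject;
	if net ~ 21.0.0.0/8 then accept;
	if net = 172.16.0.0/12 then accept;
	if net = 172.22.0.0/15 then accept;
	reject;
}

# Kernel synchronisation. "export all" installs every route BIRD holds into
# the kernel table, so the BGP import filters above are the only check a
# learned route passes before it affects forwarding on this host.
protocol kernel {
#	learn;			# Learn all alien routes from the kernel
	persist;		# Don't remove routes on bird shutdown
	scan time 20;		# Scan kernel routing table every 20 seconds
#	import none;		# Default is import all
	import all;
	export all;		# Default is export none
}

protocol device {
	scan time 30;		# Scan interfaces every 30 seconds
}

# This is where we define our local network. If you just use the network only
# on this host, or use individual IP addresses, use the reject statement.
# Alternatively, you can route your entire subnetwork to a specific interface.
protocol static {
	route 21.2.3.0/24 reject;
#	route 21.2.3.0/24 via "eth0";
}

# This is a peering with a trusted machine, we exchange all routes.
# Jupiter is just a name we give this connection, for use in the
# interactive control shell 'birdc'.
# NOTE(review): "import all; export all;" bypasses both filters above. Only
# enable this for a neighbour you administer yourself, never for an anonet
# or dn42 peer.
#protocol bgp jupiter {
#	local as 64530;
#	neighbor 10.11.1.2 as 64521;
#	import all; export all;
#}

# This is a peering with an anonet peer.
# NOTE(review): the session has no authentication and no route-count limit.
# BIRD's BGP protocol accepts a "password" option (TCP MD5) and, where the
# installed version supports it, an "import limit"; agree both with the peer.
#	password "<shared-secret-placeholder>";
protocol bgp as1112 {
	local as 1234;
	neighbor 21.82.98.2 as 1112;
	export filter anonet; import filter anonet;
}

# To add another anonet peer, add another protocol block.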