Anonet/BIRD


This normally goes in /etc/bird.conf:

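# Send every message class to syslog. "warning" was missing from the list, so
# BIRD's warnings about local problems were never logged. "remote" (misbehaving
# peers) and "auth" (authentication failures) are the classes most useful for
# spotting trouble on a peering.
log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };

#Your router ID is formatted as an IP address. It should be unique, so you should use one of your local IP addresses.
router id 21.2.3.4;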

#This filter allows prefixes in dn42, as well as the big anonet network.
#Rules are checked top to bottom; the first accept/reject that matches decides.
#"=" matches that exact prefix only; "~" matches any prefix inside the range.
#NOTE(review): the "~" rule sets no prefix-length limit, so anything down to a
#/32 inside 172.16.0.0/12 is accepted - tighten it if peers should not be able
#to send host routes.
#NOTE(review): no protocol in this listing references this filter.
filter dn42 {
	if net = 172.16.0.0/12 then reject;	# the whole-range aggregate itself is refused
	if net = 172.22.0.0/15 then reject;	# same for the /15 aggregate
	if net ~ 172.16.0.0/12 then accept;	# any other prefix inside the /12
	if net = 21.0.0.0/8 then accept;	# anonet is accepted only as the single /8
	reject;					# everything else, a default route included
}
#This filter allows prefixes in anonet, as well as the big dn42 network.
#Rules are checked top to bottom; the first accept/reject that matches decides.
#"=" matches that exact prefix only; "~" matches any prefix inside the range.
#NOTE(review): the "~" rule sets no prefix-length limit, so anything down to a
#/32 inside 21.0.0.0/8 is accepted - tighten it if peers should not be able
#to send host routes.
filter anonet {
	if net = 21.0.0.0/8 then reject;	# the whole-range aggregate itself is refused
	if net ~ 21.0.0.0/8 then accept;	# any other prefix inside the /8
	if net = 172.16.0.0/12 then accept;	# dn42 is accepted only as these two
	if net = 172.22.0.0/15 then accept;	# exact aggregates
	reject;					# everything else, a default route included
}

# Synchronises BIRD's routing table with the kernel's routing table.
# NOTE(review): "export all" installs every route BIRD holds into the kernel,
# including whatever the BGP import filters accepted. Those filters are the
# only check between a peer's announcements and this host's forwarding table.
# NOTE(review): 21.0.0.0/8 is not RFC 1918 private space, so once installed
# these routes are more specific than the default route for those addresses.
protocol kernel {
#	learn;			# Learn all alien routes from the kernel
	persist;		# Don't remove routes on bird shutdown
	scan time 20;		# Scan kernel routing table every 20 seconds
#	import none;		# Default is import all
	import all;		# Stated explicitly; same as the default noted above
	export all;		# Default is export none
}

# Interface scanning; the interval below is 30 seconds.
protocol device {
	scan time 30;		# Scan interfaces every 30 seconds
}

#This is where we define our local network. If you just use the network only
#on this host, or use individual IP addresses, use the reject statement.
#Alternatively, you can route your entire subnetwork to a specific interface.
#Only the reject variant is active; the interface variant is commented out.
protocol static {
	route 21.2.3.0/24 reject;	# presumably originates the /24 without forwarding it anywhere - confirm for your BIRD version
#	route 21.2.3.0/24 via "eth0";
}

#This is a peering with a trusted machine: we exchange all routes, with no
#filter in either direction, so use it only for a router you run yourself.
#Jupiter is just a name we give this connection, for use in the
#interactive control shell 'birdc'.
#protocol bgp jupiter {
#	local as 64530;
#	neighbor 10.11.1.2 as 64521;
#	import all; export all;
#}

#This is a peering with an anonet peer.
#The "anonet" filter is applied in both directions: to what we accept from the
#peer and to what we announce to it.
#NOTE(review): no "password" is set, so the BGP session is not authenticated;
#agree on one with the peer unless the link between you is already protected.
#NOTE(review): no route limit is set either - consider capping how many
#prefixes this peer may send.
protocol bgp as1112 {
	local as 1234;			# our own AS number
	neighbor 21.82.98.2 as 1112;	# the peer's address and AS number
	export filter anonet; import filter anonet;
}

#To add another anonet peer, add another protocol block.