brnet/bird_config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove unet and ospf config files

Browse Source
This commit is contained in:
gaoyuheng
2026-04-07 16:47:12 +08:00
parent 1660565696
commit 13d19a1b65
14 changed files with 37 additions and 311 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
bird/bird.conf
View File

@@ -27,10 +27,6 @@ protocol kernel {
import none; import none;
export filter { export filter {
if source = RTS_STATIC then reject; if source = RTS_STATIC then reject;
if unet_is_valid_network_v4() then {
krt_prefsrc = UNET_V4_kernel;
accept;
}
if !is_bogon_prefix() then { if !is_bogon_prefix() then {
krt_prefsrc = LOCAL_V4_kernel; krt_prefsrc = LOCAL_V4_kernel;
accept; accept;
@@ -40,4 +36,5 @@ protocol kernel {
}; };
}; };
include "/etc/bird/net/*.conf"; include "/etc/bird/template/*.conf";
include "/etc/bird/peers/*.conf";

81
bird/conf/mynet.conf
View File

@@ -4,87 +4,8 @@ function is_self_net() {
]; ];
} }
protocol static route_int_export_v4 {
route 44.32.191.0/24 reject;
ipv4 {
table inet4;
import filter {
bgp_large_community.add((LOCAL_ASN,3,0));
bgp_large_community.add((LOCAL_ASN,1,0));
bgp_large_community.add((LOCAL_ASN,200,0));
accept;
};
export none;
};
}
function is_self_net_v6() { function is_self_net_v6() {
return net ~ [ return net ~ [
2406:840:e600::/44{44,48}, 2406:840:e600::/44{44,48}
2a14:7580:9600::/40{40,48}
]; ];
} }
protocol static route_int_export_v6 {
route 2406:840:e600::/48 reject;
route 2406:840:e601::/48 reject;
route 2406:840:e608::/46 reject;
route 2a14:7580:9600::/47 reject;
route 2a14:7580:9603::/48 reject;
route 2a14:7580:9604::/48 reject;
ipv6 {
table inet6;
import filter {
bgp_large_community.add((LOCAL_ASN,3,0));
bgp_large_community.add((LOCAL_ASN,1,0));
bgp_large_community.add((LOCAL_ASN,200,0));
accept;
};
export none;
};
}
function unet_is_self_net() {
return net ~ [
10.188.2.0/23+,
10.188.11.0/24,
172.20.21.0/29
];
}
protocol static route_unet_export_v4 {
route 10.188.2.0/23 reject;
route 10.188.11.0/24 reject;
ipv4 {
table unet4;
import filter {
bgp_large_community.add((UNET_ASN,3,0));# 不允许导出到内核
bgp_large_community.add((UNET_ASN,1,0));# 不允许传输到ibgp
bgp_large_community.add((UNET_ASN,200,0));# 传输到Ebgp
accept;
};
export none;
};
}
function unet_is_self_net_v6() {
return net ~ [
2406:840:e601::/48{48,56}
];
}
protocol static route_unet_export_v6 {
route 2406:840:e601::/48 reject;
ipv6 {
table unet6;
import filter {
bgp_large_community.add((UNET_ASN,3,0));# 不允许导出到内核
bgp_large_community.add((UNET_ASN,1,0));# 不允许传输到ibgp
bgp_large_community.add((UNET_ASN,200,0));# 传输到Ebgp
accept;
};
export none;
};
}

28
bird/conf/static.conf Normal file
View File

@@ -0,0 +1,28 @@
protocol static route_int_export_v4 {
route 44.32.191.0/24 reject;
ipv4 {
table inet4;
import filter {
bgp_large_community.add((LOCAL_ASN,3,0));
bgp_large_community.add((LOCAL_ASN,1,0));
bgp_large_community.add((LOCAL_ASN,200,0));
accept;
};
export none;
};
}
protocol static route_int_export_v6 {
route 2406:840:e600::/48 reject;
ipv6 {
table inet6;
import filter {
bgp_large_community.add((LOCAL_ASN,3,0));
bgp_large_community.add((LOCAL_ASN,1,0));
bgp_large_community.add((LOCAL_ASN,200,0));
accept;
};
export none;
};
}

28
bird/function/network.conf
View File

@@ -1,28 +0,0 @@
function unet_is_valid_network_v4() {
return net ~ [
10.50.0.0/16+,
10.88.0.0/16+,
10.21.0.0/16+,
10.188.0.0/16+
];
}
function unet_is_valid_network_v4_anynet() {
return net ~ [
172.20.21.0/26+,
44.32.191.0/24+
];
}
function unet_is_valid_network_v4_allnet(){
if !unet_is_valid_network_v4_anynet() && !unet_is_valid_network_v4() then return false;
return true;
}
function unet_is_voalid_net_v6(){
return net ~ [
2406:840:e600::/44{44,56},
2a14:7580:9600::/40{40,56}
];
}

39
bird/function/tables.conf
View File

@@ -1,9 +1,5 @@
ipv4 table inet4; ipv4 table inet4;
ipv6 table inet6; ipv6 table inet6;
ipv4 table unet4;
ipv6 table unet6;
ipv4 table ospf4;
ipv6 table ospf6;
protocol pipe inet6_sync { protocol pipe inet6_sync {
table inet6; table inet6;
@@ -24,38 +20,3 @@ protocol pipe inet4_sync {
accept; accept;
}; };
} }
protocol pipe unet4_sync {
table unet4;
peer table master4;
export filter {
if bgp_large_community ~ [(UNET_ASN, 3,*)] then reject;
accept;
};
}
protocol pipe unet6_sync {
table unet6;
peer table master6;
export filter {
if bgp_large_community ~ [(UNET_ASN, 3,*)] then reject;
accept;
};
}
protocol pipe ospf4_sync {
table ospf4;
peer table master4;
export filter {
if bgp_large_community ~ [(UNET_ASN, 3,*)] then reject;
accept;
};
}
protocol pipe ospf6_sync {
table ospf6;
peer table master6;
export filter {
if bgp_large_community ~ [(UNET_ASN, 3,*)] then reject;
accept;
};
}

1
bird/net/ospf.conf
View File

@@ -1 +0,0 @@
include "/etc/bird/peers/ospf/*.conf";

79
bird/net/unet.conf
View File

@@ -1,79 +0,0 @@
template bgp unet_bgp_up0 {
graceful restart;
local as UNET_ASN;
ipv4 {
table unet4;
import filter {
if unet_is_valid_network_v4_allnet() && !unet_is_self_net() then accept;
reject;
};
export filter { if unet_is_valid_network_v4_allnet() && source ~ [RTS_STATIC, RTS_BGP] then accept; else reject; };
import limit 9000 action block;
};
ipv6 {
table unet6;
import filter {
if unet_is_voalid_net_v6() && !unet_is_self_net_v6() then accept;
reject;
};
export filter { if unet_is_voalid_net_v6() && source ~ [RTS_STATIC, RTS_BGP] then accept; else reject; };
import limit 9000 action block;
};
}
template bgp unet_bgp_up1 {
graceful restart;
local as UNET_ASN;
ipv4 {
table unet4;
import filter {
if unet_is_valid_network_v4() && !unet_is_self_net() then accept;
reject;
};
export filter { if unet_is_valid_network_v4() && source ~ [RTS_STATIC, RTS_BGP] then accept; else reject; };
import limit 9000 action block;
};
}
template bgp unet_ibgp {
graceful restart;
local as UNET_ASN;
med metric;
direct;
ipv4 {
table unet4;
next hop self;
gateway direct;
import filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_valid_network_v4_allnet() then reject;
if unet_is_self_net() then reject;
accept;
};
export filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_valid_network_v4_allnet() then reject;
if unet_is_self_net() then reject;
accept;
};
};
ipv6 {
table unet6;
next hop self;
gateway direct;
import filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_voalid_net_v6() then reject;
if unet_is_self_net_v6() then reject;
accept;
};
export filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_voalid_net_v6() then reject;
if unet_is_self_net_v6() then reject;
accept;
};
};
}
include "/etc/bird/peers/unet/*.conf";

4
bird/peers/bgp.conf Normal file
View File

@@ -0,0 +1,4 @@
protocol bgp inet_bgp_as153376 from tpl_bgp_up {
source address fe80:15:3376:3::2:2;
neighbor fe80:15:3376:3::3:2%pccw1 as 153376;
}

4
bird/peers/inet/ibgp.conf
View File

@@ -1,4 +0,0 @@
protocol bgp int_ibgp_hk1 from tpl_ibgp {
source address fe80:15:3376:3::2:1;
neighbor fe80:15:3376:3::3:1%pccw1 as LOCAL_ASN;
}

32
bird/peers/ospf/ospf_ipv4.conf
View File

@@ -1,32 +0,0 @@
protocol ospf v3 ospf_ipv4 {
ipv4 {
table ospf4;
import all;
export filter {
if bgp_large_community !~ [(UNET_ASN, 301,0)] then reject;
accept;
};
import limit 1000 action block;
};
area 0 {
interface "pccw1" {
cost 5;
password "114514";
};
};
}
protocol static route_ospf_export_v4 {
route 10.188.3.0/24 reject;
ipv4 {
table ospf4;
import filter {
bgp_large_community.add((UNET_ASN,301,0));# 允许导出至OSPF
bgp_large_community.add((UNET_ASN,3,0));# 不允许导出到内核
accept;
};
export none;
};
}

33
bird/peers/ospf/ospf_ipv6.conf
View File

@@ -1,33 +0,0 @@
protocol ospf v3 ospf_ipv6 {
ipv6 {
table ospf6;
import all;
export filter {
if bgp_large_community !~ [(UNET_ASN, 301,0)] then reject;
accept;
};
import limit 1000 action block;
};
area 0 {
interface "pccw1" {
cost 5;
};
};
}
protocol static route_ospf_export_v6 {
route 2406:840:e601:1::/64 reject;
route 2406:840:e601:3::/64 reject;
route 2406:840:e601:4::/63 reject;
route 2406:840:e601:2000::/51 reject;
ipv6 {
table ospf6;
import filter {
bgp_large_community.add((UNET_ASN,301,0));# 允许导出至OSPF
bgp_large_community.add((UNET_ASN,3,0));# 不允许导出到内核
accept;
};
export none;
};
}

4
bird/peers/unet/ibgp.conf
View File

@@ -1,4 +0,0 @@
protocol bgp unet_ibgp_hk1 from unet_ibgp {
source address fe80:15:3376:3::2:2;
neighbor fe80:15:3376:3::3:2%pccw1 as UNET_ASN;
}

1
bird/net/inet.conf → bird/template/inet.conf
View File

@@ -75,4 +75,3 @@ template bgp tpl_ibgp {
}; };
}; };
} }
include "/etc/bird/peers/inet/*";

3
bird/vars.conf
View File

@@ -2,7 +2,4 @@ define LOCAL_ASN = 153376;
define LOCAL_V4_kernel = 10.188.2.3; define LOCAL_V4_kernel = 10.188.2.3;
define LOCAL_V6_kernel = 2406:840:e601:1::1; define LOCAL_V6_kernel = 2406:840:e601:1::1;
define UNET_ASN = 4218818804;
define UNET_V4_kernel = 10.188.2.3;
router id 154.37.212.38; router id 154.37.212.38;