remove dn42

bird/bird.conf

@@ -50,5 +50,4 @@ include "/etc/bird/net/*.conf";
 include "/etc/bird/filter/*.conf";
 include "/etc/bird/template/*.conf";
 include "/etc/bird/peers/inet/*.conf";
-include "/etc/bird/peers/dn42/*.conf";
 include "/etc/bird/peers/unet/*.conf";

bird/conf/dn42.conf

@@ -1,14 +0,0 @@
-protocol static route_dn42_export_v4 {
-    route 172.20.21.0/26 reject; 
-
-    ipv4 {
-        table dn42v4;
-        import filter {
-            bgp_large_community.add((DN42_ASN,3,0));# 不允许导出到内核
-            bgp_large_community.add((DN42_ASN,1,0));# 不允许传输到ibgp
-            bgp_large_community.add((DN42_ASN,200,0));# 传输到Ebgp
-            accept;
-        };
-        export none;
-    };
-}

bird/filter/dn42_downstream.conf

@@ -1,18 +0,0 @@
-# 下游过滤器
-# 政策：发全表，只收下游和关联下游的
-
-# 下游-发表控制器
-function function_dn42_downstream_export() {
-    if !is_dn42_prefix() || (bgp_path.len > 20) then return false;
-    # 硬性限制，没有1000,0的，不放
-    if bgp_large_community !~ [(DN42_ASN, 1000,0)] then return false;     
-    return true;
-}
-
-
-# 下游-收表控制器
-# 注意，配置下游时候，一定要注意手打一个 300 0 ，不然发不出去
-function function_dn42_downstream_import() {
-    if !is_dn42_prefix() || (bgp_path.len > 20) then return false;
-    return true;
-}

bird/filter/dn42_ibgp.conf

@@ -1,15 +0,0 @@
-function function_dn42_ibgp_import() {
-    bgp_large_community.delete((DN42_ASN,3,0)); 
-    if is_dn42_self_net() then return false;
-    if !is_dn42_prefix() then return false;
-    if bgp_large_community ~ [(DN42_ASN, 1,*)] then return false;
-    return true;
-}
-
-function function_dn42_ibgp_export() {
-    bgp_large_community.delete((DN42_ASN,3,0)); 
-    if is_dn42_self_net() then return false;
-    if !is_dn42_prefix() then return false;
-    if bgp_large_community ~ [(DN42_ASN, 1,*)] then return false;
-    return true;
-}

bird/filter/dn42_import.conf

@@ -1,10 +0,0 @@
-# 对上游接收过滤器
-# 政策：全网照单接受
-
-function function_dn42_bgp_import_from_upstream() {
-    if is_dn42_self_net() then return false;
-    if !is_dn42_prefix() || (bgp_path.len > 20) then return false;
-    # 允许转发给下游
-    bgp_large_community.add((DN42_ASN,1000,0));
-    return true;
-}

bird/filter/dn42_upstream0.conf

@@ -1,34 +0,0 @@
-# 普通上游（发布控制器）
-# 政策：只发自己的
-
-function function_dn42_bgp_export_to_upstream0() {
-    if !is_dn42_self_net() then return false;
-    if !is_dn42_prefix() then return false;
-    if source != RTS_STATIC then return false;
-    # 100禁止性过滤
-    if bgp_large_community ~ [(DN42_ASN, 100, 100)] then return false;
-    if bgp_large_community ~ [(DN42_ASN, 100, 200)] then return false;
-    if bgp_large_community ~ [(DN42_ASN, 200, 201)] then return false;
-
-    # 前置过滤：允许自己的段子-所有上游和普通上游
-    if bgp_large_community ~ [(DN42_ASN, 200, 0)] then return true;
-    if bgp_large_community ~ [(DN42_ASN, 200, 1)] then return true;
-    if bgp_large_community ~ [(DN42_ASN, 200, 2)] then return false;
-    return false;
-}
-
-
-function function_dn42_control_bgp_upstream0(int peer_asn){
-    # 1.禁止带有 201 0 (禁止一切外发)的发出去
-    if bgp_large_community ~ [(DN42_ASN, 201, 0)] then return false;
-    # 2.禁止带有 201 peer asn (禁止向某一外发)的发出去
-    if bgp_large_community ~ [(DN42_ASN, 201, peer_asn)] then return false;
-
-    # 3.不带202,0(允许全体外发)，但是带有202,peer asn（允许单一外发）的，放
-    if (bgp_large_community !~ [(DN42_ASN, 202, 0)]) then {
-        if bgp_large_community ~ [(DN42_ASN, 202, peer_asn)] then return true;
-    }
-    # 4.带有202,0（允许一切外发）的，放
-    if bgp_large_community ~ [(DN42_ASN, 202, 0)] then return true;
-    return false;
-}

bird/filter/dn42_upstream1.conf

@@ -1,47 +0,0 @@
-# 能带下游的上游（发布控制器）
-# 政策：发自己的+下游的
-
-function function_dn42_bgp_export_to_upstream1() {
-    if source !~ [RTS_STATIC, RTS_BGP] then return false;
-    if !is_dn42_prefix() then return false;
-    # 100禁止性过滤
-    if bgp_large_community ~ [(DN42_ASN, 100, 100)] then return false;
-    if bgp_large_community ~ [(DN42_ASN, 100, 200)] then return false;
-    if bgp_large_community ~ [(DN42_ASN, 200, 202)] then return false;
-    if source =RTS_STATIC then {
-        # 静态路由，允许 200，[0 2]
-        if bgp_large_community ~ [(DN42_ASN, 200, 0)] then return true;
-        if bgp_large_community ~ [(DN42_ASN, 200, 2)] then return true;
-        if bgp_large_community ~ [(DN42_ASN, 200, 1)] then return false;
-    }
-    if source = RTS_BGP then {
-        # BGP路由，允许 300，0
-        if bgp_large_community ~ [(DN42_ASN, 10100, 4)] then return true;
-    }
-    return false;
-}
-
-
-function function_dn42_control_bgp_upstream1(int peer_asn){
-    # 1.禁止带有 201 0 (禁止一切外发)  301 0（禁止下游段子转发）的发出去
-    if bgp_large_community ~ [(DN42_ASN, 201, 0)] then return false;
-    if bgp_large_community ~ [(DN42_ASN, 301, 0)] then return false;
-    # 2.禁止带有 201 peer asn (禁止向某一外发) 301 peer asn（禁止向某一外发下游）的发出去
-    if bgp_large_community ~ [(DN42_ASN, 201, peer_asn)] then return false;
-    if bgp_large_community ~ [(DN42_ASN, 301, peer_asn)] then return false;
-
-
-    # 3.不带202,0(允许全体外发)，但是带有202,peer asn 放
-    if (bgp_large_community !~ [(DN42_ASN, 202, 0)]) then {
-        if bgp_large_community ~ [(DN42_ASN, 202, peer_asn)] then return true;
-    }
-    # 不带302 0，但是有302 peer asn的，放
-    if (bgp_large_community !~ [(DN42_ASN, 302, 0)]) then {
-        if bgp_large_community ~ [(DN42_ASN, 302, peer_asn)] then return true;
-    }
-
-    # 4.带有202,0（允许一切外发）和302 0的，放
-    if bgp_large_community ~ [(DN42_ASN, 202, 0)] then return true;
-    if bgp_large_community ~ [(DN42_ASN, 302, 0)] then return true;
-    return false;
-}

bird/filter/inet_downstream.conf

@@ -4,8 +4,7 @@
 # 下游-发表控制器
 function function_inet6_downstream_export() {
     if is_bogon_prefix() || (bgp_path.len > 20) then return false;
-    # 硬性限制，没有1000,0的，不放
-    if bgp_large_community !~ [(LOCAL_ASN, 1000,0)] then return false;     
+    if ! (bgp_large_community ~ [(LOCAL_ASN, 200, 0),(LOCAL_ASN, 10100, 0..9000)]) then return false;
     return true;
 }
 

bird/function/dn42.conf

@@ -1,9 +0,0 @@
-function is_dn42_prefix() {
-    return net ~  [
-        172.20.0.0/14+
-    ];
-}
-
-function is_dn42_self_net() {
-    return net ~ is_dn42_self_IPv4;
-}

bird/function/tables.conf

@@ -2,7 +2,6 @@ ipv4 table t102v4;
 ipv6 table t102v6;
 ipv4 table inet4;
 ipv6 table inet6;
-ipv4 table dn42v4;
 ipv4 table unet4;
 ipv6 table unet6;
 ipv4 table ospf4;

bird/function/unet.conf

@@ -7,7 +7,6 @@ function unet_is_valid_network_v4() {
 function unet_is_valid_network_v4_allnet(){
   if unet_is_valid_network_v4() then return true;
   if is_self_net() then return true;
-  if is_dn42_self_net() then return true;
   return false;
 }
 

bird/net/dn42.conf

@@ -1,14 +0,0 @@
-protocol pipe dn42v4_sync {
-  table dn42v4;
-  peer table master4;
-  export filter {
-    if bgp_large_community ~ [(DN42_ASN, 3,*)] then reject;
-    if !is_dn42_prefix() then reject;
-    bgp_community.empty;
-    bgp_large_community.empty;
-    bgp_large_community.add((UNET_ASN,10,4));
-    krt_prefsrc = DN42_V4_kernel;
-    accept;
-    };
-  import none;
-}

bird/net/unet.conf

@@ -23,21 +23,6 @@ protocol pipe unet6_inet6_sync {
     import none;
 }
 
-
-# DN42处理  => dn42v4/6
-protocol pipe unet4_dn42v4_sync {
-  table unet4;
-  peer table dn42v4;
-  export filter {
-    if bgp_large_community ~ [(UNET_ASN, 3,*)] then reject;
-    if !is_dn42_prefix() then {
-        if net!~[10.188.0.0/16+] then reject;
-    }
-    accept;
-    };
-  import none;
-}
-
 # 剩下的进入master  (只有V4)
 protocol pipe unet4_sync {
   table unet4;

bird/peers/dn42/ibgp.conf

@@ -1,4 +0,0 @@
-protocol bgp ibgp_unet_hk1 from dn42_ibgp {
-    source address fe80:15:3376:3::2:2;
-    neighbor fe80:15:3376:3::3:2%pccw1 as DN42_ASN;
-}

bird/template/dn42.conf

@@ -1,47 +0,0 @@
-template bgp dn42_up0_new {
-    graceful restart;
-    local as DN42_ASN;
-    ipv4 {
-        table dn42v4;
-        import filter {if !function_dn42_bgp_import_from_upstream() then reject; accept; };
-        export filter {if !function_dn42_bgp_export_to_upstream0() then reject; accept; };
-    };
-    ipv6 {import none;export none;};
-}
-
-template bgp dn42_up1_new {
-    graceful restart;
-    local as DN42_ASN;
-    ipv4 {
-        table dn42v4;
-        import filter {if !function_dn42_bgp_import_from_upstream() then reject; accept; };
-        export filter {if !function_dn42_bgp_export_to_upstream1() then reject; accept; };
-    };
-    ipv6 {import none;export none;};
-}
-
-template bgp dn42_ds {
-    graceful restart;
-    local as DN42_ASN;
-    ipv4 {
-        table dn42v4;
-        import filter {if !function_inet6_downstream_import() then reject; accept; };
-        export filter {if !function_inet6_downstream_export() then reject; accept; };
-    };
-    ipv6 {import none;export none;};
-}
-
-template bgp dn42_ibgp_new {
-    graceful restart;
-    local as DN42_ASN;
-    med metric;
-    direct;
-    ipv4 {
-        table dn42v4;
-        next hop self;
-        gateway direct;
-        import filter {if !function_dn42_ibgp_import() then reject; accept; };
-        export filter {if !function_dn42_ibgp_export() then reject; accept; };
-    };
-    ipv6 {import none;export none;};
-}

update.sh

@@ -3,12 +3,21 @@
 cd 
 git clone https://git.nia.ink/brnet/bird_config.git
 
+rm /etc/bird/bird.conf
+mv ./bird_config/bird/bird.conf /etc/bird/
+
+rm /etc/bird/conf/dn42.conf
+
 rm /etc/bird/filter/*.conf
 mv ./bird_config/bird/filter/*.conf /etc/bird/filter/
 
 rm /etc/bird/function/*.conf
 mv ./bird_config/bird/function/*.conf /etc/bird/function/
 
+rm /etc/bird/net/dn42.conf
+rm /etc/bird/net/unet.conf
+mv ./bird_config/bird/net/unet.conf /etc/bird/net/
+
 rm /etc/bird/template/*.conf
 mv ./bird_config/bird/template/*.conf /etc/bird/template/