brnet/bird_config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

史诗更新

Browse Source
This commit is contained in:
daxi20
2025-11-13 14:41:55 +08:00
parent cde500b4f6
commit ddeecd2c99
10 changed files with 167 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
bird/net/inet.conf
View File

@@ -1,95 +0,0 @@
template bgp tpl_inet4_up {
graceful restart;
local as LOCAL_ASN;
ipv4 {
table inet4;
import filter {
if is_self_net() then reject;
if is_bogon_prefix() || (bgp_path.len > 100) then reject;
bgp_large_community.empty;
bgp_large_community.add((LOCAL_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !is_self_net() then reject;
if is_bogon_prefix() || (bgp_path.len > 100) then reject;
if source != RTS_STATIC then reject;
if bgp_large_community !~ [(LOCAL_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
};
}
template bgp tpl_inet6_up {
graceful restart;
local as LOCAL_ASN;
ipv6 {
table inet6;
import filter {
if is_self_net_v6() then reject;
if is_bogon_prefix() || (bgp_path.len > 100) then reject;
bgp_large_community.empty;
bgp_large_community.add((LOCAL_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !is_self_net_v6() then reject;
if is_bogon_prefix() || (bgp_path.len > 100) then reject;
if source != RTS_STATIC then reject;
if bgp_large_community !~ [(LOCAL_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
};
}
template bgp tpl_inet4_ibgp {
graceful restart;
local as LOCAL_ASN;
med metric;
direct;
ipv4 {
table inet4;
next hop self;
gateway direct;
import filter {
if is_self_net() then reject;
if is_bogon_prefix() then reject;
if bgp_large_community ~ [(LOCAL_ASN, 1,*)] then reject;
accept;
};
export filter {
if is_self_net() then reject;
if is_bogon_prefix() then reject;
if bgp_large_community ~ [(LOCAL_ASN, 1,*)] then reject;
accept;
};
};
}
template bgp tpl_inet6_ibgp {
graceful restart;
local as LOCAL_ASN;
med metric;
direct;
ipv6 {
table inet6;
next hop self;
gateway direct;
import filter {
if is_self_net_v6() then reject;
if is_bogon_prefix() then reject;
if bgp_large_community ~ [(LOCAL_ASN, 1,*)] then reject;
accept;
};
export filter {
if is_self_net_v6() then reject;
if is_bogon_prefix() then reject;
if bgp_large_community ~ [(LOCAL_ASN, 1,*)] then reject;
accept;
};
};
}
include "/etc/bird/peers/inet/*";

18
bird/net/inet4.conf Normal file
View File

@@ -0,0 +1,18 @@
ipv4 table inet4;
protocol kernel {
scan time 20;
kernel table 103;
ipv4 {
table inet4;
import none;
export filter {
if source = RTS_STATIC then reject;
if !is_bogon_prefix() then {
krt_prefsrc = LOCAL_V4_kernel;
accept;
}
reject;
};
};
};

11
bird/net/inet6.conf Normal file
View File

@@ -0,0 +1,11 @@
ipv6 table inet6;
protocol pipe inet6_sync {
table inet6;
peer table master6;
import none;
export filter {
if bgp_large_community ~ [(LOCAL_ASN, 3,*)] then reject;
accept;
};
}

0
bird/net/ospf.conf.disable → bird/net/ospf.conf
View File

119
bird/net/unet.conf
View File

@@ -1,106 +1,19 @@
template bgp unet_bgp_up0 {
graceful restart;
local as UNET_ASN;
ipv4 {
table unet4;
import filter {
if !unet_is_valid_network_v4_allnet() then reject;
if unet_is_self_net() then reject;
bgp_large_community.empty;
bgp_large_community.add((UNET_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !unet_is_valid_network_v4_allnet() then reject;
if source !~ [RTS_STATIC, RTS_BGP] then reject;
if bgp_large_community !~ [(UNET_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
import limit 9000 action block;
};
ipv6 {
table unet6;
import filter {
if !unet_is_voalid_net_v6() then reject;
if unet_is_self_net_v6() then reject;
bgp_large_community.empty;
bgp_large_community.add((UNET_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !unet_is_voalid_net_v6() then reject;
if source !~ [RTS_STATIC, RTS_BGP] then reject;
if bgp_large_community !~ [(UNET_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
import limit 9000 action block;
ipv4 table unet4;
ipv6 table unet6;
protocol pipe unet4_sync {
table unet4;
peer table master4;
export filter {
if bgp_large_community ~ [(UNET_ASN, 3,*)] then reject;
accept;
};
}
template bgp unet_bgp_up1 {
graceful restart;
local as UNET_ASN;
ipv4 {
table unet4;
import filter {
if !unet_is_valid_network_v4() then reject;
if unet_is_self_net() then reject;
bgp_large_community.empty;
bgp_large_community.add((UNET_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !unet_is_valid_network_v4() then reject;
if source !~ [RTS_STATIC, RTS_BGP] then reject;
if bgp_large_community !~ [(UNET_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
import limit 9000 action block;
protocol pipe unet6_sync {
table unet6;
peer table master6;
export filter {
if bgp_large_community ~ [(UNET_ASN, 3,*)] then reject;
accept;
};
}
template bgp unet_ibgp {
graceful restart;
local as UNET_ASN;
med metric;
direct;
ipv4 {
table unet4;
next hop self;
gateway direct;
import filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_valid_network_v4_allnet() then reject;
if unet_is_self_net() then reject;
accept;
};
export filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_valid_network_v4_allnet() then reject;
if unet_is_self_net() then reject;
accept;
};
};
ipv6 {
table unet6;
next hop self;
gateway direct;
import filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_voalid_net_v6() then reject;
if unet_is_self_net_v6() then reject;
accept;
};
export filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_voalid_net_v6() then reject;
if unet_is_self_net_v6() then reject;
accept;
};
};
}
include "/etc/bird/peers/unet/*.conf";
}