brnet/bird_config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

史诗更新

Browse Source
This commit is contained in:
daxi20
2025-11-13 14:41:55 +08:00
parent cde500b4f6
commit ddeecd2c99
10 changed files with 167 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
bird/template/inet.conf Normal file
View File

@@ -0,0 +1,97 @@
template bgp tpl_inet4_up {
graceful restart;
local as LOCAL_ASN;
ipv4 {
table inet4;
import filter {
if is_self_net() then reject;
if is_bogon_prefix() || (bgp_path.len > 100) then reject;
if net ~ [0.0.0.0/0] then reject; # 不导入默认路由
bgp_large_community.empty;
bgp_large_community.add((LOCAL_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !is_self_net() then reject;
if is_bogon_prefix() || (bgp_path.len > 100) then reject;
if source != RTS_STATIC then reject;
if bgp_large_community !~ [(LOCAL_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
};
}
template bgp tpl_inet6_up {
graceful restart;
local as LOCAL_ASN;
ipv6 {
table inet6;
import filter {
if is_self_net_v6() then reject;
if is_bogon_prefix() || (bgp_path.len > 100) then reject;
if net ~ [::/0] then reject; # 不导入默认路由
bgp_large_community.empty;
bgp_large_community.add((LOCAL_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !is_self_net_v6() then reject;
if is_bogon_prefix() || (bgp_path.len > 100) then reject;
if source != RTS_STATIC then reject;
if bgp_large_community !~ [(LOCAL_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
};
}
template bgp tpl_inet4_ibgp {
graceful restart;
local as LOCAL_ASN;
med metric;
direct;
ipv4 {
table inet4;
next hop self;
gateway direct;
import filter {
if is_self_net() then reject;
if is_bogon_prefix() then reject;
if bgp_large_community ~ [(LOCAL_ASN, 1,*)] then reject;
accept;
};
export filter {
if is_self_net() then reject;
if is_bogon_prefix() then reject;
if bgp_large_community ~ [(LOCAL_ASN, 1,*)] then reject;
accept;
};
};
}
template bgp tpl_inet6_ibgp {
graceful restart;
local as LOCAL_ASN;
med metric;
direct;
ipv6 {
table inet6;
next hop self;
gateway direct;
import filter {
if is_self_net_v6() then reject;
if is_bogon_prefix() then reject;
if bgp_large_community ~ [(LOCAL_ASN, 1,*)] then reject;
accept;
};
export filter {
if is_self_net_v6() then reject;
if is_bogon_prefix() then reject;
if bgp_large_community ~ [(LOCAL_ASN, 1,*)] then reject;
accept;
};
};
}
include "/etc/bird/peers/inet/*";

106
bird/template/unet.conf Normal file
View File

@@ -0,0 +1,106 @@
template bgp unet_bgp_up0 {
graceful restart;
local as UNET_ASN;
ipv4 {
table unet4;
import filter {
if !unet_is_valid_network_v4_allnet() then reject;
if unet_is_self_net() then reject;
bgp_large_community.empty;
bgp_large_community.add((UNET_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !unet_is_valid_network_v4_allnet() then reject;
if source !~ [RTS_STATIC, RTS_BGP] then reject;
if bgp_large_community !~ [(UNET_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
import limit 9000 action block;
};
ipv6 {
table unet6;
import filter {
if !unet_is_voalid_net_v6() then reject;
if unet_is_self_net_v6() then reject;
bgp_large_community.empty;
bgp_large_community.add((UNET_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !unet_is_voalid_net_v6() then reject;
if source !~ [RTS_STATIC, RTS_BGP] then reject;
if bgp_large_community !~ [(UNET_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
import limit 9000 action block;
};
}
template bgp unet_bgp_up1 {
graceful restart;
local as UNET_ASN;
ipv4 {
table unet4;
import filter {
if !unet_is_valid_network_v4() then reject;
if unet_is_self_net() then reject;
bgp_large_community.empty;
bgp_large_community.add((UNET_ASN,200,0));# 传输到Ebgp
accept;
};
export filter {
if !unet_is_valid_network_v4() then reject;
if source !~ [RTS_STATIC, RTS_BGP] then reject;
if bgp_large_community !~ [(UNET_ASN, 200,0)] then reject;
bgp_large_community.empty;
accept;
};
import limit 9000 action block;
};
}
template bgp unet_ibgp {
graceful restart;
local as UNET_ASN;
med metric;
direct;
ipv4 {
table unet4;
next hop self;
gateway direct;
import filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_valid_network_v4_allnet() then reject;
if unet_is_self_net() then reject;
accept;
};
export filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_valid_network_v4_allnet() then reject;
if unet_is_self_net() then reject;
accept;
};
};
ipv6 {
table unet6;
next hop self;
gateway direct;
import filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_voalid_net_v6() then reject;
if unet_is_self_net_v6() then reject;
accept;
};
export filter {
if bgp_large_community ~ [(UNET_ASN, 1,*)] then reject;
if !unet_is_voalid_net_v6() then reject;
if unet_is_self_net_v6() then reject;
accept;
};
};
}
include "/etc/bird/peers/unet/*.conf";