brnet/bird_config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新了分库分表配置

Browse Source
This commit is contained in:
gaoyuheng
2026-01-26 11:20:16 +08:00
parent 2d1eb76608
commit f093da11d4
10 changed files with 88 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
bird/bird.conf
View File

@@ -1,5 +1,5 @@
include "/etc/bird/vars.conf"; include "/etc/bird/vars.conf";
include "/etc/bird/first/*.conf"; include "/etc/bird/whitelist/*.conf";
include "/etc/bird/function/*.conf"; include "/etc/bird/function/*.conf";
include "/etc/bird/conf/*.conf"; include "/etc/bird/conf/*.conf";
@@ -7,47 +7,23 @@ protocol device {
scan time 10; scan time 10;
}; };
protocol kernel {
scan time 20;
ipv6 {
import none;
export filter {
if source = RTS_STATIC then reject;
if !is_bogon_prefix() then {
krt_prefsrc = LOCAL_V6_kernel;
accept;
}
if is_dn42_prefix() then {
krt_prefsrc = DN42_V6_kernel;
accept;
}
reject;
};
};
};
protocol kernel { protocol kernel {
scan time 20; scan time 20;
ipv4 { ipv4 {
import none; import none;
export filter { export filter {
if source = RTS_STATIC then reject; if source = RTS_STATIC then reject;
if !is_bogon_prefix() then {
krt_prefsrc = LOCAL_V4_kernel;
accept;
}
if unet_is_valid_network_v4() then { if unet_is_valid_network_v4() then {
krt_prefsrc = UNET_V4_kernel; krt_prefsrc = UNET_V4_kernel;
accept; accept;
} }
if is_dn42_prefix() then {
krt_prefsrc = DN42_V4_kernel;
accept;
}
reject; reject;
}; };
}; };
}; };
include "/etc/bird/net/*.conf"; include "/etc/bird/net/*.conf";
include "/etc/bird/template/include.conf"; include "/etc/bird/template/*.conf";
include "/etc/bird/peers/inet/*.conf";
include "/etc/bird/peers/dn42/*.conf";
include "/etc/bird/peers/unet/*.conf";

13
bird/conf/inet_ixp.conf
View File

@@ -1,13 +0,0 @@
protocol static route_int_export_ixp_v6 {
route 2406:840:e600::/44 reject;
ipv6 {
table inet6;
import filter {
bgp_large_community.add((LOCAL_ASN,3,0));
bgp_large_community.add((LOCAL_ASN,1,0));
bgp_large_community.add((LOCAL_ASN,200,1));
accept;
};
export none;
};
}

26
bird/first/inet.conf
View File

@@ -1,26 +0,0 @@
function is_self_net() {
return net ~ [
44.32.191.0/24+
];
}
function is_self_net_v6() {
return net ~ [
2406:840:e600::/44+,
2a0f:1cc5:10::/44+
];
}
function dn42_is_self_net() {
return net ~ [
172.20.21.0/26+
];
}
function dn42_is_self_net_v6() {
return net ~ [
fde8:936e:ee29::/48+
];
}

8
bird/function/unet.conf
View File

@@ -9,13 +9,13 @@ function unet_is_valid_network_v4() {
function unet_is_valid_network_v4_allnet(){ function unet_is_valid_network_v4_allnet(){
if unet_is_valid_network_v4() then return true; if unet_is_valid_network_v4() then return true;
if is_self_net() then return true; if is_self_net_inet4() then return true;
if dn42_is_self_net() then return true; if is_self_net_dn42v4() then return true;
return false; return false;
} }
function unet_is_voalid_net_v6(){ function unet_is_voalid_net_v6(){
if is_self_net_v6() then return true; if is_self_net_inet6() then return true;
if dn42_is_self_net_v6() then return true; if is_self_net_dn42v6() then return true;
return false; return false;
} }

46
bird/net/dn42.conf
View File

@@ -1,17 +1,35 @@
protocol pipe dn42v4_sync { protocol kernel kernel_dn42v4_105 {
table dn42v4; scan time 20;
peer table master4; kernel table 105;
export filter { ipv4 {
if bgp_large_community ~ [(DN42_ASN, 3,*)] then reject; table dn42v4;
accept; import none;
export filter {
if source = RTS_STATIC then reject;
if bgp_large_community ~ [(DN42_ASN, 3,*)] then reject;
if is_dn42_prefix() then {
krt_prefsrc = DN42_V4_kernel;
accept;
}
reject;
};
}; };
} };
protocol pipe dn42v6_sync { protocol kernel kernel_dn42v6_105 {
table dn42v6; scan time 20;
peer table master6; kernel table 105;
export filter { ipv4 {
if bgp_large_community ~ [(DN42_ASN, 3,*)] then reject; table dn42v6;
accept; import none;
export filter {
if source = RTS_STATIC then reject;
if bgp_large_community ~ [(DN42_ASN, 3,*)] then reject;
if is_dn42_prefix() then {
krt_prefsrc = DN42_V6_kernel;
accept;
}
reject;
};
}; };
} };

25
bird/net/inet.conf
View File

@@ -16,12 +16,21 @@ protocol kernel kernel_inet4_102 {
}; };
}; };
protocol pipe inet6_sync_to_master6 {
table inet6; protocol kernel kernel_inet6_102 {
peer table master6; scan time 20;
export filter { kernel table 102;
if bgp_large_community ~ [(LOCAL_ASN, 3,*)] then reject; ipv6 {
accept; table inet6;
import none;
export filter {
if source = RTS_STATIC then reject;
if bgp_large_community ~ [(LOCAL_ASN, 3,*)] then reject;
if !is_bogon_prefix() then {
krt_prefsrc = LOCAL_V6_kernel;
accept;
}
reject;
};
}; };
import none; };
}

9
bird/template/include.conf
View File

@@ -1,9 +0,0 @@
include "/etc/bird/template/inet.conf";
include "/etc/bird/template/inet_ixp.conf";
include "/etc/bird/peers/inet/*";
include "/etc/bird/template/dn42.conf";
include "/etc/bird/peers/dn42/*.conf";
include "/etc/bird/template/unet.conf";
include "/etc/bird/peers/unet/*.conf";

2
bird/template/inet_ixp.conf
View File

@@ -11,7 +11,7 @@ template bgp tpl_inet6_ixp {
export filter { export filter {
if !is_self_net_v6() then reject; if !is_self_net_v6() then reject;
if is_bogon_prefix() || (bgp_path.len > 100) then reject; if is_bogon_prefix() || (bgp_path.len > 100) then reject;
if bgp_large_community !~ [(LOCAL_ASN, 200,1)] then reject; if bgp_large_community !~ [(LOCAL_ASN, 200,0)] then reject;
bgp_large_community.empty; bgp_large_community.empty;
accept; accept;
}; };

0
bird/first/ipconfig.conf → bird/whitelist/ipconfig.conf
View File

30
update.sh
View File

@@ -3,7 +3,35 @@
cd cd
git clone https://git.nia.ink/brnet/bird_config.git git clone https://git.nia.ink/brnet/bird_config.git
mv ./bird_config/bird/net/inet.conf /etc/bird/net/inet.conf # 备份配置
cp /etc/bird/ /etc/bird.bak -r
# 重构主配置文件
rm /etc/bird/bird.conf -f
mv ./bird_config/bird/bird.conf /etc/bird/bird.conf
# 构建白名单配置目录
mkdir -p /etc/bird/whitelist
mv /etc/bird/first/ipconfig.conf /etc/bird/whitelist/ipconfig.conf
wget https://noc.zhuantou.com.cn/api/network.php?s=inet4-bird-function -O /etc/bird/whitelist/inet4-bird-function.conf
wget https://noc.zhuantou.com.cn/api/network.php?s=inet6-bird-function -O /etc/bird/whitelist/inet6-bird-function.conf
wget https://noc.zhuantou.com.cn/api/network.php?s=dn42-bird-function -O /etc/bird/whitelist/dn42-bird-function.conf
rm /etc/bird/first -rf
# 构建模板目录
rm /etc/bird/template -rf
mv ./bird_config/bird/template /etc/bird/template -r
# 构建网络配置目录
rm /etc/bird/net -rf
mv ./bird_config/bird/net /etc/bird/net -r
# 更新UNET配置函数
rm /etc/bird/function/unet.conf -f
mv ./bird_config/bird/function/unet.conf /etc/bird/function/unet.conf
# 删除ixp模板配置
rm /etc/bird/conf/inet_ixp.conf -f
chmod -R 755 /etc/bird chmod -R 755 /etc/bird