diff --git a/bird.conf b/bird.conf new file mode 100644 index 0000000..0da5567 --- /dev/null +++ b/bird.conf @@ -0,0 +1,325 @@ +table ibgp; # internal BGP peerings +table ebgp; # external (icvpn) BGP peerings +table freifunk; # kernel table 42 for routing from ff network + +define ownas = 65112; + +router id 10.112.1.1; # REPLACE + +### functions ### + +function is_self_net() { + return (net ~ [10.112.0.0/16+]); +} + +function is_freifunk() { + return net ~ [ 10.0.0.0/8+, + 104.0.0.0/8+ + ]; +} + +function is_dn42() { + return net ~ [ 172.22.0.0/15+, + 195.160.168.0/23+, + 91.204.4.0/22+, + 193.43.220.0/23+, + 83.133.178.0/23+, + 87.106.29.254/32, + 85.25.246.16/28+, + 46.4.248.192/27+, + 94.45.224.0/19+, + 195.191.196.0/23+, + 80.244.241.224/27+, + 46.19.90.48/28+, + 46.19.90.96/28+, + 178.63.170.40/32, + 188.40.34.241/32, + 195.16.84.40/29+, + 37.1.89.160/29+, + 178.33.32.123/32+, + 37.1.89.160/29+, + 185.28.77.16/29+, + 185.28.77.192/27+, + 192.175.48.0/24+ + ]; +} + +### kernel ### + +protocol kernel kernel_master { + scan time 10; + import none; + export filter { + krt_prefsrc = 10.112.1.1; # REPLACE + accept; + }; +}; + +protocol kernel kernel_ff { + scan time 10; + table freifunk; + kernel table 42; + import none; + export filter { + krt_prefsrc = 10.112.1.1; # REPLACE + accept; + }; +}; + +protocol device { + scan time 10; +}; + +### pipes ### + +protocol pipe p_maintbl { + peer table ebgp; + import where !is_self_net(); + export none; +}; + +protocol pipe p_ibgptbl { + table ebgp; + peer table ibgp; + import all; + export where !is_self_net(); +}; + +protocol pipe p_freitbl { + table ibgp; + peer table freifunk; + import none; + export where (is_freifunk() || is_dn42()); +}; + +### static routes ### + +protocol static unreachable_default { + route 0.0.0.0/0 reject; + table freifunk; +}; + +protocol static static_ffhh { + route 10.112.0.0/16 reject; + table ebgp; +}; + +protocol static local_ffhh { + route 10.112.0.0/18 via "br-ffhh"; # REPLACE if interface name is not br-ffhh + table freifunk; +}; + +### templates ### + +template bgp locals { + table ibgp; + local as ownas; + import filter { + preference = 99; + accept; + }; + export where source = RTS_BGP; + gateway direct; + next hop self; +}; + +template bgp peers { + local as ownas; + table ebgp; + import where ((is_freifunk() || is_dn42()) && !is_self_net()); + export where (is_freifunk() || is_dn42()); + route limit 10000; +}; + +### local gateways ### +# remove entry of this specific gateway + +protocol bgp srv01 from locals { + neighbor 10.112.1.1 as 65112; +}; + +protocol bgp hamburg01 from locals { + neighbor 10.112.14.1 as 65112; +}; + +protocol bgp hamburg07 from locals { + neighbor 10.112.16.1 as 65112; +}; + +protocol bgp hamburg08 from locals { + neighbor 10.112.22.1 as 65112; +}; + +protocol bgp hamburg09 from locals { + neighbor 10.112.24.1 as 65112; +}; + +protocol bgp hamburg11 from locals { + neighbor 10.112.28.1 as 65112; +}; + +protocol bgp hamburg12 from locals { + neighbor 10.112.30.1 as 65112; +}; + +### icvpn peerings ### + +protocol bgp Augsburg1 from peers { + neighbor 10.207.0.17 as 65050; +}; + +protocol bgp Augsburg2 from peers { + neighbor 10.207.0.177 as 65070; +}; + +protocol bgp Aurich1 from peers { + neighbor 10.207.0.15 as 65047; +}; + +protocol bgp BadZwischenahn1 from peers { + neighbor 10.207.0.26 as 65512; +}; + +protocol bgp Bayreuth1 from peers { + neighbor 10.207.0.28 as 65025; +}; + +protocol bgp Berlin1 from peers { + neighbor 10.207.0.5 as 44194; +}; + +protocol bgp Bielefeld1 from peers { + neighbor 10.207.0.59 as 65529; +}; + +protocol bgp Bielefeld2 from peers { + neighbor 10.207.0.67 as 65529; +}; + +protocol bgp Chemnitz1 from peers { + neighbor 10.207.0.36 as 65053; +}; + +protocol bgp diac24_net from peers { + neighbor 10.207.2.0 as 64600; +}; + +protocol bgp Dresden1 from peers { + neighbor 10.207.0.19 as 65051; +}; + +protocol bgp Franken1 from peers { + neighbor 10.207.0.23 as 65024; +}; + +protocol bgp Franken2 from peers { + neighbor 10.207.0.24 as 65024; +}; + +protocol bgp Franken3 from peers { + neighbor 10.207.0.31 as 65024; +}; + +protocol bgp Frankfurt1 from peers { + neighbor 10.207.0.35 as 65026; +}; + +protocol bgp Freiburg1 from peers { + neighbor 10.207.0.21 as 65026; +}; + +protocol bgp Gronau1 from peers { + neighbor 10.207.0.55 as 65526; +}; + +protocol bgp Gronau2 from peers { + neighbor 10.207.0.60 as 65526; +}; + +protocol bgp Grossdraxdorf from peers { + neighbor 10.207.0.25 as 65025; +}; + +protocol bgp Halle1 from peers { + neighbor 10.207.0.13 as 65046; +}; + +protocol bgp Halle2 from peers { + neighbor 10.207.0.14 as 65046; +}; + +protocol bgp Hannover1 from peers { + neighbor 10.207.0.22 as 65511; +}; + +protocol bgp Jena1 from peers { + neighbor 10.207.0.33 as 65055; +}; + +protocol bgp Jena2 from peers { + neighbor 10.207.0.66 as 65055; +}; + +protocol bgp Kiel4 from peers { + neighbor 10.207.0.58 as 65525; +}; + +protocol bgp Koblenz from peers { + neighbor 10.207.0.32 as 65032; +}; + +protocol bgp Koeln1 from peers { + neighbor 10.207.0.57 as 65528; +}; + +protocol bgp Leipzig1 from peers { + neighbor 10.207.0.1 as 65041; +}; + +protocol bgp Leipzig2 from peers { + neighbor 10.207.0.2 as 65041; +}; + +protocol bgp Ljubljana1 from peers { + neighbor 10.207.3.23 as 65023; +}; + +protocol bgp Ljubljana2 from peers { + neighbor 10.207.3.30 as 64768; +}; + +protocol bgp Luebeck1 from peers { + neighbor 10.207.0.130 as 65052; +}; + +protocol bgp Luebeck2 from peers { + neighbor 10.207.0.131 as 65052; +}; + +protocol bgp Mainz1 from peers { + neighbor 10.207.0.37 as 65037; +}; + +protocol bgp Oldenburg1 from peers { + neighbor 10.207.0.27 as 65513; +}; + +protocol bgp Schwarzach1 from peers { + neighbor 10.207.0.56 as 65527; +}; + +protocol bgp Treuenbrietzen from peers { + neighbor 10.207.0.18 as 65045; +}; + +protocol bgp Weimar1 from peers { + neighbor 10.207.0.3 as 65042; +}; + +protocol bgp Weimar2 from peers { + neighbor 10.207.0.4 as 65042; +}; + +protocol bgp Wermelskirchen1 from peers { + neighbor 10.207.0.7 as 65530; +};