2014-08-19 11:14:54 +02:00
|
|
|
table ibgp; # internal BGP peerings
|
|
|
|
|
table ebgp; # external (icvpn) BGP peerings
|
|
|
|
|
table freifunk; # kernel table 42 for routing from ff network
|
|
|
|
|
|
|
|
|
|
define ownas = <%= @ff_as %>;
|
|
|
|
|
|
2014-03-31 23:18:29 +02:00
|
|
|
router id <%= @own_ipv4 %>;
|
|
|
|
|
|
2014-08-19 11:14:54 +02:00
|
|
|
### functions ###
|
2014-03-31 23:18:29 +02:00
|
|
|
|
2014-08-19 11:14:54 +02:00
|
|
|
# own networks
|
|
|
|
|
function is_self_net() {
|
|
|
|
|
return net ~ [ fd51:2bb2:fd0d::/48+,
|
|
|
|
|
2001:bf7:180::/44+,
|
|
|
|
|
2001:bf7:190::/44+,
|
|
|
|
|
2001:bf7:200::/44+,
|
|
|
|
|
2001:bf7:210::/44+,
|
|
|
|
|
2001:bf7:220::/44+,
|
|
|
|
|
2001:bf7:230::/44+];
|
2014-03-31 23:18:29 +02:00
|
|
|
}
|
|
|
|
|
|
2014-08-19 11:14:54 +02:00
|
|
|
# freifunk ip ranges in general
|
|
|
|
|
function is_freifunk() {
|
|
|
|
|
return net ~ [ fc00::/7{48,64},
|
|
|
|
|
2001:bf7::/32+];
|
2014-03-31 23:18:29 +02:00
|
|
|
}
|
|
|
|
|
|
2014-08-19 11:14:54 +02:00
|
|
|
function is_default() {
|
|
|
|
|
return net ~ [ ::0/0 ];
|
2014-03-31 23:18:29 +02:00
|
|
|
}
|
|
|
|
|
|
2014-08-19 11:14:54 +02:00
|
|
|
### kernel ###
|
|
|
|
|
|
|
|
|
|
# synchronize from bird to main kernel routing table
|
|
|
|
|
# nothing in the other direction
|
|
|
|
|
# (do not sync a default route we received to the main routing table
|
|
|
|
|
# as this might collide with the normal default route of the host)
|
|
|
|
|
protocol kernel k_mast {
|
|
|
|
|
scan time 10;
|
|
|
|
|
import none;
|
|
|
|
|
export where !is_default();
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# synchronize from birds freifunk table to kernel routing table 42
|
|
|
|
|
# nothing in the other direction
|
|
|
|
|
protocol kernel k_frei {
|
|
|
|
|
scan time 10;
|
|
|
|
|
table freifunk;
|
|
|
|
|
kernel table 42;
|
|
|
|
|
import none;
|
2014-03-31 23:18:29 +02:00
|
|
|
export all;
|
2014-08-19 11:14:54 +02:00
|
|
|
};
|
2014-03-31 23:18:29 +02:00
|
|
|
|
2014-08-19 11:14:54 +02:00
|
|
|
# this pseudo-protocol watches all interface up/down events
|
2014-03-31 23:18:29 +02:00
|
|
|
protocol device {
|
2014-08-19 11:14:54 +02:00
|
|
|
scan time 10;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
### pipes ###
|
|
|
|
|
|
|
|
|
|
# sync nothing from main routing table to ebgp
|
|
|
|
|
# sync routes (not own network) from ebgp to main routing table
|
|
|
|
|
protocol pipe p_maintbl {
|
|
|
|
|
peer table ebgp;
|
|
|
|
|
import where !is_self_net();
|
|
|
|
|
export none;
|
|
|
|
|
};
|
2014-03-31 23:18:29 +02:00
|
|
|
|
2014-08-19 11:14:54 +02:00
|
|
|
# sync routes (not own network) from ebgp to ibgp
|
|
|
|
|
# sync routes (all) from ibgp to ebgp
|
|
|
|
|
protocol pipe p_ibgptbl {
|
|
|
|
|
table ebgp;
|
|
|
|
|
peer table ibgp;
|
|
|
|
|
import all;
|
|
|
|
|
export where !is_self_net();
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# sync routes (freifunk and default routes we got) from ibgp to freifunk
|
|
|
|
|
# sync nothing from freifunk to ibgp
|
|
|
|
|
protocol pipe p_freitbl {
|
|
|
|
|
table ibgp;
|
|
|
|
|
peer table freifunk;
|
|
|
|
|
import none;
|
|
|
|
|
export where is_freifunk() || is_default();
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
### static routes ###
|
|
|
|
|
|
|
|
|
|
protocol static static_ffhh {
|
2014-03-31 23:18:29 +02:00
|
|
|
route fd51:2bb2:fd0d::/48 reject;
|
2014-08-19 11:14:54 +02:00
|
|
|
route 2001:bf7:180::/44 reject;
|
|
|
|
|
route 2001:bf7:190::/44 reject;
|
|
|
|
|
route 2001:bf7:200::/44 reject;
|
|
|
|
|
route 2001:bf7:210::/44 reject;
|
|
|
|
|
route 2001:bf7:220::/44 reject;
|
|
|
|
|
route 2001:bf7:230::/44 reject;
|
|
|
|
|
table ebgp;
|
2014-03-31 23:18:29 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
protocol static local_ffhh {
|
|
|
|
|
route fd51:2bb2:fd0d::/64 via "br-ffhh";
|
2014-08-19 11:14:54 +02:00
|
|
|
route 2001:bf7:180::/64 via "br-ffhh";
|
|
|
|
|
table freifunk;
|
2014-03-31 23:18:29 +02:00
|
|
|
};
|
|
|
|
|
|
2014-08-19 11:14:54 +02:00
|
|
|
### templates ###
|
2014-03-31 23:18:29 +02:00
|
|
|
|
2014-08-19 11:14:54 +02:00
|
|
|
# template for same city freifunk gateways
|
2014-05-19 22:17:18 +02:00
|
|
|
template bgp locals {
|
2014-08-19 11:14:54 +02:00
|
|
|
table ibgp;
|
|
|
|
|
local as ownas;
|
2014-03-31 23:18:29 +02:00
|
|
|
source address <%= @own_ipv6 %>;
|
2014-08-19 11:14:54 +02:00
|
|
|
import filter {
|
|
|
|
|
preference = 99;
|
|
|
|
|
accept;
|
|
|
|
|
};
|
2014-03-31 23:18:29 +02:00
|
|
|
export where source = RTS_BGP;
|
2014-05-19 22:17:18 +02:00
|
|
|
direct;
|
2014-03-31 23:18:29 +02:00
|
|
|
next hop self;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
<% @peerings_v6.each_pair do |key, hash| -%><% if hash["ip"] != @own_ipv6 -%>
|
|
|
|
|
protocol bgp <%= key %> from <%= hash["template"] %> {
|
|
|
|
|
neighbor <%= hash["ip"] %> as <%= hash["as"] %>;
|
|
|
|
|
};
|
|
|
|
|
<% end -%><% end -%>
|
2014-04-01 00:05:53 +02:00
|
|
|
|
|
|
|
|
<% if @gw_do_ic_peering -%>
|
2014-08-19 11:14:54 +02:00
|
|
|
# template for icvpn gateways of other cities
|
2014-05-19 22:17:18 +02:00
|
|
|
template bgp peers {
|
2014-08-19 11:14:54 +02:00
|
|
|
table ebgp;
|
|
|
|
|
local as ownas;
|
2014-05-19 22:17:18 +02:00
|
|
|
source address <%= @ic_vpn_ip6 %>;
|
2014-08-19 11:14:54 +02:00
|
|
|
# ignore routes for our own network
|
|
|
|
|
import where is_freifunk() && !is_self_net();
|
|
|
|
|
export where is_freifunk() || (source = RTS_BGP);
|
|
|
|
|
route limit 10000;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# template for upstream gateways
|
|
|
|
|
template bgp upstream from peers {
|
|
|
|
|
# accept freifunk networks and default route
|
|
|
|
|
import where (is_freifunk() || is_default()) && !is_self_net();
|
2014-05-19 22:17:18 +02:00
|
|
|
};
|
|
|
|
|
|
2014-04-01 00:05:53 +02:00
|
|
|
<% @ic_peerings_v6.each_pair do |key, hash| -%><% if hash["ip"] != @own_ipv6 -%>
|
|
|
|
|
protocol bgp <%= key %> from <%= hash["template"] %> {
|
|
|
|
|
neighbor <%= hash["ip"] %> as <%= hash["as"] %>;
|
|
|
|
|
};
|
|
|
|
|
<% end -%><% end -%>
|
|
|
|
|
<% end -%>
|
2014-08-19 11:14:54 +02:00
|
|
|
|
