diff --git a/bird/bird.conf.tmpl b/bird/bird.conf.tmpl index 2eecbf4..8f3eced 100644 --- a/bird/bird.conf.tmpl +++ b/bird/bird.conf.tmpl @@ -21,31 +21,31 @@ roa4 table r4; # ROA RPKI # RPKI # See: https://brooks.sh/2019/11/11/validating-bgp-routes-with-rpki-in-bird/ -#protocol rpki { -# roa4 { table r4; }; +protocol rpki { + roa4 { table r4; }; -# {{ range files "bird/rpki/hosts" }} # {{.}} -# {{ file (print "bird/rpki/hosts/" .) }} -# {{ end }} + {{ range files "bird/rpki/hosts" }} # {{.}} + {{ file (print "bird/rpki/hosts/" .) }} + {{ end }} -# # Time period in seconds between a failed query the next attempt -# retry keep ${bgp_rpki_retry:-90}; + # Time period in seconds between a failed query the next attempt + retry keep ${bgp_rpki_retry:-90}; -# # Tells how long to wait before attempting to poll the cache -# refresh keep ${bgp_rpki_refresh:-900}; + # Tells how long to wait before attempting to poll the cache + refresh keep ${bgp_rpki_refresh:-900}; -# # How long to keep any records locally cached before they are deleted -# # The "refresh" interval will control how often records are refreshed -# # and not considered expired. -# expire keep ${bgp_rpki_expire:-172800}; + # How long to keep any records locally cached before they are deleted + # The "refresh" interval will control how often records are refreshed + # and not considered expired. + expire keep ${bgp_rpki_expire:-172800}; -# # Enable SSH transport, disable TCP transport (insecure) -# transport ssh { -# remote public key "${bgp_rpki_known_hosts:-/etc/bird/rpki/known_hosts}"; -# user "lixonet"; -# #bird private key ""; -# }; -#} + # Enable SSH transport, disable TCP transport (insecure) + transport ssh { + remote public key "${bgp_rpki_known_hosts:-/etc/bird/rpki/known_hosts}"; + user "lixonet"; + #bird private key ""; + }; +} # Filters # Define a series of filters for Lixonet routing policies: