diff --git a/bird/bird.conf.tmpl b/bird/bird.conf.tmpl index 747dd65..7260f51 100644 --- a/bird/bird.conf.tmpl +++ b/bird/bird.conf.tmpl @@ -22,24 +22,24 @@ roa4 table r4; # ROA RPKI # RPKI # See: https://brooks.sh/2019/11/11/validating-bgp-routes-with-rpki-in-bird/ -protocol rpki { - roa4 { table r4; }; +#protocol rpki { +# roa4 { table r4; }; - {{ range files "bird/rpki/hosts" }} # {{.}} - {{ file (print "bird/rpki/hosts/" .) }} - {{ end }} +# {{ range files "bird/rpki/hosts" }} # {{.}} +# {{ file (print "bird/rpki/hosts/" .) }} +# {{ end }} # Time period in seconds between a failed query the next attempt - retry keep ${bgp_rpki_retry:-90}; +# retry keep ${bgp_rpki_retry:-90}; # Tells how long to wait before attempting to poll the cache - refresh keep ${bgp_rpki_refresh:-900}; +# refresh keep ${bgp_rpki_refresh:-900}; # How long to keep any records locally cached before they are deleted # The "refresh" interval will control how often records are refreshed # and not considered expired. - expire keep ${bgp_rpki_expire:-172800}; -} +# expire keep ${bgp_rpki_expire:-172800}; +#} # Filters # Define a series of filters for Lixonet routing policies: @@ -57,9 +57,9 @@ protocol rpki { # ROA_UNKNOWN if there is no relevant ROA, ROA_VALID if there is # a matching ROA, or ROA_INVALID if there are some relevant ROAs # but none of them match. -function is_rpki_invalid_v4 () { - return roa_check(r4, net, bgp_path.last_nonaggregated) = ROA_INVALID; -} +#function is_rpki_invalid_v4 () { +# return roa_check(r4, net, bgp_path.last_nonaggregated) = ROA_INVALID; +#} # Returns TRUE if the given tested network is the exact global network prefix for # Lixonet. Used to filter the "unreachable" static route we typically static.