Update bird/bird.conf.tmpl, README.md files

sump pump 2020-05-22 00:21:51 +00:00
parent cbb13e2298
commit cc93a8b387
2 changed files with 5 additions and 3 deletions

@ -42,6 +42,7 @@ You **MUST** specify these options, or Lixonet will not work.
* `tinc_peer_address` - The *router* address to use. This is your Lixonet routing layer address: 172.xxx.0.xxx
* `network_address` - The *network* address to use. This is your Lixonet routing layer address: 172.xxx.0.0 (especially take note of the last two 0's: `0.0` -- it _MUST_ end with zeros corresponding to the network size)
* `bgp_asn` - The BGP ASN to use. We usually follow the format `4206969XXX` where _XXX_ is the last octet of your `address`, zero-padded (i.e. 008 or 212)
* `internal_gateway` - The internal gateway to use. This is the IP address, directly upstream from the Lixonet EE router, that can be used as a next hop to reach your own subnets.
#### Configuration example
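Review bot: the new `internal_gateway` bullet is listed under "You **MUST** specify these options" but does not say what form the value takes. State that it is a single IPv4 address with no prefix length, and that it has to sit on a subnet directly attached to the router, because the template uses it as the next hop for every `bgp_routes` entry.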
@ -56,6 +57,7 @@ bgp_asn=4206969008
bgp_routes=172.31.8.0/21,172.31.254.0/24
network_address=172.31.0.0
netmask=255.255.255.0
internal_gateway=172.31.8.1
```
(A key exists at `/etc/lixonet/teamlixo/tinc.key`)
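Review bot: in the example, `internal_gateway=172.31.8.1` lies inside the first `bgp_routes` prefix, `172.31.8.0/21`, so the static route rendered for that prefix points at a next hop within the prefix itself. That only resolves when the router already has a connected interface covering 172.31.8.1; a short comment next to the example saying so would keep readers from copying a gateway their router cannot reach.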
@ -119,7 +121,7 @@ For options we expose here, for information see: https://bird.network.cz/?get_do
#### Prerequisites:
1. `docker` and `docker-compose` (Alpine: community repository; https://docs.genesys.com/Documentation/System/8.5.x/DDG/InstallationofDockeronAlpineLinux), `git`, and `curl` are installed (Alpine: `apk add`). You may also want to make docker run at boot: `rc-update add docker boot`.
2. `eth0` is the **LAN** or **WAN** interface supporting external routing, DNS, etc., and is the **bridged** interface to a router that will statically route the entire desired network subnet (i.e. x.x.0.0/21) through it. You may also have an `eth1` (and so on, so forth) that you statically configure for your entire, wide subnet (i.e. x.x.0.0/21) if you want to use two physical adapters. If you do have more than one interface, make sure that `internal_interface` is set to the interface that can route your personal Lixonet subnets, and not your WAN interface with a default gateway.
2. `eth0` is the **LAN** or **WAN** interface supporting external routing, DNS, etc., and is the **bridged** interface to a router that will statically route the entire desired network subnet (i.e. x.x.0.0/21) through it. You may also have an `eth1` (and so on, so forth) that you statically configure for your entire, wide subnet (i.e. x.x.0.0/21) if you want to use two physical adapters. If you do have more than one interface, make sure that `internal_gateway` is set to the router IP address that can route your personal Lixonet subnets, and not your WAN gateway (unless they're the same).
4. `tun` and `tap` are in `/etc/modules` to load at boot (https://www.cyberciti.biz/faq/linux-how-to-load-a-kernel-module-automatically-at-boot-time/) and the system has been rebooted afterwards.
5. `sigil` is installed (`curl -L "https://github.com/gliderlabs/sigil/releases/download/v0.5.0/sigil_0.5.0_$(uname -sm|tr ' ' '_').tgz" | tar -zxC /usr/local/bin`)
6. IPv4 forwarding is on: `sysctl -w net.ipv4.ip_forward=1` and `iptables -P FORWARD ACCEPT` are run (and persisted) to allow IP forwarding. To persist these changes, see: https://wiki.alpinelinux.org/wiki/Configure_Networking, refer to "Save Firewall Rules".
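Review bot: the reworded prerequisite 2 switches from `internal_interface` to `internal_gateway` without a note for operators who already set the old option. Add a sentence saying that the static routes no longer use `internal_interface` and that `internal_gateway` has to be set before the configuration is regenerated. The list numbering in this hunk also jumps from 2 to 4.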

@ -136,10 +136,10 @@ protocol static {
# Announce the whole network as unreachable; this returns packets that reach
# this router as unreachable (ICMP type=3, code=0) if no more specific route
# is defined for the network subnet
range ${network_address}/${global_prefix:-16}+ unreachable;
route ${network_address}/${global_prefix:-16} unreachable;
# Announced networks
{{ if len "${bgp_routes:-}" }}{{ range "$bgp_routes" | split "," }}route {{.}} via ${internal_interface:-eth0};
{{ if len "${bgp_routes:-}" }}{{ range "$bgp_routes" | split "," }}route {{.}} via ${internal_gateway};
{{ end }}{{ end }}
};
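Review bot: `via ${internal_gateway}` on the announced-networks line has no default and no guard, whereas the line it replaces fell back to `eth0`. If the variable is unset or empty, each `bgp_routes` entry would render with an empty next hop, so either wrap the line in a check like the `{{ if len ... }}` already used for `bgp_routes`, or make rendering fail when the value is missing. The value is also interpolated into the BIRD configuration as-is; checking that it is a plain IPv4 address before rendering would stop a stray space or `;` from altering the generated file.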