diff --git a/bird/bird.conf.tmpl b/bird/bird.conf.tmpl
index f988f41..5561317 100644
--- a/bird/bird.conf.tmpl
+++ b/bird/bird.conf.tmpl
@@ -18,52 +18,6 @@ router id ${address};
 # See: https://bird.network.cz/?get_doc&v=20&f=bird-2.html (recommend; BIRD is neat)
 ipv4 table lixonet;
-# Static routes
-# Define propagated routes here from the lixonet.conf "routes" variable
-# Attached to the above "lixonet" routing table; "provide" these routes into it
-# See how dn42 does it; we're very similar: https://dn42.net/howto/Bird
-protocol static {
- ipv4 {
- table lixonet;
- import all;
- export none;
- };
-
- # Announced networks
- {{ if len "${routes:-}" }}{{ range "$routes" | split "," }}route {{.}} reject;{{ end }}{{ end }}
-};
-# Device
-# See: https://bird.network.cz/?get_doc&v=20&f=bird-6.html#ss6.4
-# This controls which interfaces BGP, etc. will bind to for communication
-# This prevents BGP from listening on eth0/off-network
-protocol device {
- scan time 10; # Scan the interfaces often
- interface "lixonet" {
- preferred ${address};
- };
-};
-# Direct (unnecessary for Lixonet)
-# See: https://bird.network.cz/?get_doc&v=20&f=bird-6.html#ss6.5
-# Disable automatically generating direct routes to all network interfaces.
-protocol direct {
- disabled; # Disable by default
-};
-# Kernel routing table
-# See: https://bird.network.cz/?get_doc&v=20&f=bird.html#toc6.6
-protocol kernel { # Primary routing table
- learn; # Learn alien routes from the kernel
- persist; # Don't remove routes on bird shutdown
- scan time 10; # Scan kernel routing table every 10 seconds
- ipv4 {
- table lixonet;
- import none; # Don't try to import any routes from the kernel
- export filter kernel_export_filter; # Export everything we are told to the kernel
- };
-};
-
 # Filters
 # Define a series of filters for Lixonet routing policies:
 # - Cannot advertise a route which is in the router subnet: typically 172.x.0.0/24
@@ -117,6 +71,52 @@ filter kernel_export_filter
 reject; # Reject anything else (non-Lixonet)
 }
+# Static routes
+# Define propagated routes here from the lixonet.conf "routes" variable
+# Attached to the above "lixonet" routing table; "provide" these routes into it
+# See how dn42 does it; we're very similar: https://dn42.net/howto/Bird
+protocol static {
+ ipv4 {
+ table lixonet;
+ import all;
+ export none;
+ };
+
+ # Announced networks
+ {{ if len "${routes:-}" }}{{ range "$routes" | split "," }}route {{.}} reject;{{ end }}{{ end }}
+};
+# Device
+# See: https://bird.network.cz/?get_doc&v=20&f=bird-6.html#ss6.4
+# This controls which interfaces BGP, etc. will bind to for communication
+# This prevents BGP from listening on eth0/off-network
+protocol device {
+ scan time 10; # Scan the interfaces often
+ interface "lixonet" {
+ preferred ${address};
+ };
+};
+# Direct (unnecessary for Lixonet)
+# See: https://bird.network.cz/?get_doc&v=20&f=bird-6.html#ss6.5
+# Disable automatically generating direct routes to all network interfaces.
+protocol direct {
+ disabled; # Disable by default
+};
+# Kernel routing table
+# See: https://bird.network.cz/?get_doc&v=20&f=bird.html#toc6.6
+protocol kernel { # Primary routing table
+ learn; # Learn alien routes from the kernel
+ persist; # Don't remove routes on bird shutdown
+ scan time 10; # Scan kernel routing table every 10 seconds
+ ipv4 {
+ table lixonet;
+ import none; # Don't try to import any routes from the kernel
+ export filter kernel_export_filter; # Export everything we are told to the kernel
+ };
+};
+
 # BGP (primary Lixonet routing protocol)
 # This is a template to use when connecting to other BGP clients on the EE network
 # This template is applied to ALL neighbors, so consider these global settings that
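Review bot: The comment carried over above `protocol device` ("This prevents BGP from listening on eth0/off-network") overstates what that block does. As the BIRD 2 documentation describes it, the device protocol only collects interface state from the kernel, and `preferred ${address};` only selects the preferred address on "lixonet"; neither restricts where the BGP listening socket binds. An operator trusting that comment could leave TCP/179 reachable on the off-network interface, so I would reword it to `# Scans interfaces and sets the preferred address on "lixonet"; this does NOT limit where BGP listens`. If the restriction is intended, it belongs in the BGP template that begins just after this hunk (not visible here, so it may already be handled), for example `strict bind` together with a source address, backed by a host firewall rule.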