Home Explore Help
Register Sign In
FreifunkHochstift
/
ffho-salt-public
2
0
Fork 2
Files Issues 0 Pull Requests 0
Tree: f2aadbff7e
Branches Tags
ffho-salt-pu...
/
bird
/
ffrl.conf

ffrl.conf 1.7 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 
  1. #
    2. 

  2. # FFRL upstream (Salt managed)
    3. 

  3. #
    4. 

  4. {%- set ifaces = salt['pillar.get']('nodes:' ~ grains['id'] ~ ':ifaces', {}) %}
    5. 

  5. {%- set sessions = salt['ffho_net.get_ffrl_bgp_config'](ifaces, proto) %}
    6. 

  6. {%- set te_community_map_ffrl = salt['pillar.get']('te:community_map:' ~ grains['id'] ~ ':ffrl', [])|sort %}
    7. 

  7. 

  8. 

  9. filter ffrl_in {
    10. 

  10. 	if net ~ [
    11. 

  11. {%- if proto == 'v4'%}
    12. 

  12. 		0.0.0.0/0
    13. 

  13. {%- else %}
    14. 

  14. 		::/0
    15. 

  15. {%- endif %}
    16. 

  16. 	] then {
    17. 

  17. 		# Rewrite BGP next hop to loopback IP so we don't have to
    18. 

  18. 		# include transfer networks to AS201701 in IGP.
    19. 

  19. 		bgp_next_hop = LO_IP;
    20. 

  20. 		accept;
    21. 

  21. 	}
    22. 

  22. 

  23. 	reject;
    24. 

  24. };
    25. 

  25. 

  26. 

  27. filter ffrl_out {
    28. 

  28. {%- if proto == 'v4'%}
    29. 

  29. 	if proto != "p_nat" then
    30. 

  30. 		reject;
    31. 

  31. 

  32. 	if net ~ [
    33. 

  33. 		185.66.194.80/29+,
    34. 

  34. 		185.66.194.84/31+,	# FRA-IPs
    35. 

  35. 		185.66.195.94/31+	# BER-IPs
    36. 

  36. {%- else %}
    37. 

  37. 	if net ~ [
    38. 

  38. 		2a03:2260:2342::/48{48,56}
    39. 

  39. {%- endif %}
    40. 

  40. 	] then {
    41. 

  41. 		# Is there an export restriction for this route?
    42. 

  42. 		if (EXPORT_RESTRICT ~ bgp_community) then {
    43. 

  43.   {%- for community in te_community_map_ffrl %}
    44. 

  44. 			if ({{ community }} ~ bgp_community) then
    45. 

  45. 				accept;
    46. 

  46. 

  47.   {%- endfor %}
    48. 

  48. 		}
    49. 

  49. 

  50. 		# No export restriction, go ahead
    51. 

  51. 		else {
    52. 

  52. 			accept;
    53. 

  53. 		}
    54. 

  54. 	}
    55. 

  55. 

  56. 	reject;
    57. 

  57. };
    58. 

  58. 

  59. {%- if proto == 'v4' %}
    60. 

  60. 

  61. protocol direct p_nat {
    62. 

  62. 	interface "nat";
    63. 

  63. }
    64. 

  64. {%- endif %}
    65. 

  65. 

  66. define AS_FFRL = 201701;
    67. 

  67. 

  68. template bgp as201701 {
    69. 

  69. 	import filter ffrl_in;
    70. 

  70. 	export filter ffrl_out;
    71. 

  71. 

  72. 	local as 65132;
    73. 

  73. 

  74. 	preference 200;
    75. 

  75. }
    76. 

  76. 

  77. 

  78. {% for session in sessions|sort %}
    79. 

  79.   {%- set session_config = sessions.get (session) %}
    80. 

  80.   {%- set bgp_local_pref = session_config.get ('bgp_local_pref') %}
    81. 

  81. protocol bgp {{ session }} from as201701 {
    82. 

  82. 	source address {{ session_config.get ('local') }};
    83. 

  83. 	neighbor {{ session_config.get ('neighbor') }} as AS_FFRL;
    84. 

  84.   {%- if bgp_local_pref %}
    85. 

  85. 	default bgp_local_pref {{ bgp_local_pref }};
    86. 

  86.   {%- endif %}
    87. 

  87. }
    88. 

  88. {% endfor %}
    89.