Date created: Wednesday, December 11, 2024 5:44:26 PM. Last modified: Friday, January 10, 2025 9:52:57 AM

Example BIRD Config - Filters

Basic BGP operations:

log stderr all;
log syslog all;
debug protocols all;

router id 10.10.10.27;

protocol device {
}

filter prepend_65530 {
    if (net = 172.16.0.0/32) then {
        bgp_community.add( (65535, 666) );
    }
    bgp_path.prepend(65530);
    bgp_community.add( (65535, 65281) );
    accept;
}

protocol bgp {
    description "IPv4 peering";
    neighbor 10.10.10.26 as 65535;
    local 10.10.10.27 as 65530;
    router id 10.10.10.27;
    source address 10.10.10.27;
    strict bind on; # Default off
    direct; # default enabled for eBGP
    interpret communities off; # default on
    enable route refresh on; # default on
    enable as4 on; # default on
    capabilities on; # default on
    ipv4 {
        # "none" and "all" filters are built-ins
        import none; # Default off
        export filter prepend_65530; # Default off
        mandatory on; # Default off
    };
}

protocol static {
    ipv4;
    route 172.16.0.0/22 blackhole;
    route 172.16.0.0/32 blackhole;
    route 172.16.0.0/24 blackhole;
}

 

Extended communities:

filter accept_lab_pfxs {
    if (net = 172.16.0.0.0/24 || net = 10.0.0.30/31) then {
        accept;
    }
    reject;
}

filter add_ext_comm {
    bgp_ext_community.add( (ro, 0, 4100000002) );
    bgp_ext_community.add( (rt, 0, 4100000002) );
    accept;
}

protocol bgp {
    neighbor 10.0.0.9 as 65535;
    local 10.0.0.10 as 4100000000;
    router id 10.0.0.10;
    source address 10.0.0.10;
    strict bind on;
    direct;
    interpret communities off;
    enable route refresh on;
    enable as4 on;
    capabilities on;
    ipv4 {
        import filter accept_lab_pfxs;
        export filter add_ext_comm;
        mandatory on;
        import keep filtered;
    };
}

protocol static {
    ipv4;
    route 10.0.0.40/30 blackhole;
}

Previous page: Dockerfile
Next page: Example BIRD Config - Flowspec