Date created: Wednesday, December 11, 2024 5:44:26 PM. Last modified: Friday, January 10, 2025 9:52:57 AM
Example BIRD Config - Filters
Basic BGP operations:
log stderr all; log syslog all; debug protocols all; router id 10.10.10.27; protocol device { } filter prepend_65530 { if (net = 172.16.0.0/32) then { bgp_community.add( (65535, 666) ); } bgp_path.prepend(65530); bgp_community.add( (65535, 65281) ); accept; } protocol bgp { description "IPv4 peering"; neighbor 10.10.10.26 as 65535; local 10.10.10.27 as 65530; router id 10.10.10.27; source address 10.10.10.27; strict bind on; # Default off direct; # default enabled for eBGP interpret communities off; # default on enable route refresh on; # default on enable as4 on; # default on capabilities on; # default on ipv4 { # "none" and "all" filters are built-ins import none; # Default off export filter prepend_65530; # Default off mandatory on; # Default off }; } protocol static { ipv4; route 172.16.0.0/22 blackhole; route 172.16.0.0/32 blackhole; route 172.16.0.0/24 blackhole; }
Extended communities:
filter accept_lab_pfxs { if (net = 172.16.0.0.0/24 || net = 10.0.0.30/31) then { accept; } reject; } filter add_ext_comm { bgp_ext_community.add( (ro, 0, 4100000002) ); bgp_ext_community.add( (rt, 0, 4100000002) ); accept; } protocol bgp { neighbor 10.0.0.9 as 65535; local 10.0.0.10 as 4100000000; router id 10.0.0.10; source address 10.0.0.10; strict bind on; direct; interpret communities off; enable route refresh on; enable as4 on; capabilities on; ipv4 { import filter accept_lab_pfxs; export filter add_ext_comm; mandatory on; import keep filtered; }; } protocol static { ipv4; route 10.0.0.40/30 blackhole; }
Previous page: Dockerfile
Next page: Example BIRD Config - Flowspec