summaryrefslogtreecommitdiff
path: root/roles/setup_ffrl_tunnel/templates/bird.conf
diff options
context:
space:
mode:
authorNiklas Yann Wettengel <niyawe@niyawe.de>2022-01-22 23:18:36 +0100
committerNiklas Yann Wettengel <niyawe@niyawe.de>2022-01-22 23:18:36 +0100
commit4d3268b80b55e227a1a89515842cbaaa8a13d788 (patch)
treee7b85a5214614c5dcb7c999f56c0b369011b50d3 /roles/setup_ffrl_tunnel/templates/bird.conf
parentfb0dbf28a0e7979050858256d2040d734b282afe (diff)
loppermann1
Diffstat (limited to 'roles/setup_ffrl_tunnel/templates/bird.conf')
-rw-r--r--roles/setup_ffrl_tunnel/templates/bird.conf24
1 files changed, 24 insertions, 0 deletions
diff --git a/roles/setup_ffrl_tunnel/templates/bird.conf b/roles/setup_ffrl_tunnel/templates/bird.conf
index c609a5b..7e3db92 100644
--- a/roles/setup_ffrl_tunnel/templates/bird.conf
+++ b/roles/setup_ffrl_tunnel/templates/bird.conf
@@ -3,21 +3,31 @@ timeformat protocol iso long;
#log "bird.log" all;
# debug protocols all;
+{% if ffrl_ip4 is defined %}
define ffrl_nat_address = {{ ffrl_ip4 }};
+{% endif %}
define ffmyk_as = 65032; # private AS of ffmyk
define ffrl_as = 201701; # public AS of rheinland
+{% if ffrl_ip4 is defined %}
router id ffrl_nat_address;
+{% else %}
+router id {{ ffrl_router_id }};
+{% endif %}
+{% if ffrl_ip4 is defined %}
ipv4 table ffrl4;
+{% endif %}
ipv6 table ffrl6;
+{% if ffrl_ip4 is defined %}
function is_default4() {
return net ~ [
0.0.0.0/0
];
}
+{% endif %}
function is_default6() {
return net ~ [
@@ -25,11 +35,13 @@ function is_default6() {
];
}
+{% if ffrl_ip4 is defined %}
function is_ffrl_nat4() {
return net ~ [
{{ ffrl_ip4 }}/32
];
}
+{% endif %}
function is_ffrl_public_nets6() {
return net ~ [
@@ -37,11 +49,13 @@ function is_ffrl_public_nets6() {
];
}
+{% if ffrl_ip4 is defined %}
function is_ffrl_tunnel_nets4() {
return net ~ [
100.64.0.0/10
];
}
+{% endif %}
function is_ffrl_tunnel_nets6() {
return net ~ [
@@ -49,6 +63,7 @@ function is_ffrl_tunnel_nets6() {
];
}
+{% if ffrl_ip4 is defined %}
# BGP Import Filter für Rheinland
filter ebgp_ffrl_import_filter4 {
if is_default4() then accept;
@@ -60,6 +75,7 @@ filter ebgp_ffrl_export_filter4 {
if is_ffrl_nat4() then accept;
reject;
}
+{% endif %}
filter ebgp_ffrl_import_filter6 {
if is_default6() then accept;
@@ -75,11 +91,13 @@ protocol device {
scan time 10;
}
+{% if ffrl_ip4 is defined %}
# IP-NAT-Adresse legen wir in die interne BIRD Routing Table
protocol static ffrl_uplink_hostroute4 {
ipv4 { table ffrl4; };
route {{ ffrl_ip4 }}/32 reject;
}
+{% endif %}
protocol static ffrl_public_routes6 {
ipv6 { table ffrl6; };
@@ -95,6 +113,7 @@ protocol static ffrl_public_routes6 {
# import where is_ffrl_tunnel_nets4();
#}
+{% if ffrl_ip4 is defined %}
# Wir exportieren über Rheinland gelernte Routen in die Kernel Table 47 (ffrl)
protocol kernel kernel_ffrl4 {
scan time 30;
@@ -108,6 +127,7 @@ protocol kernel kernel_ffrl4 {
};
kernel table 42;
};
+{% endif %}
protocol kernel kernel_ffrl6 {
scan time 30;
@@ -122,6 +142,7 @@ protocol kernel kernel_ffrl6 {
kernel table 42;
};
+{% if ffrl_ip4 is defined %}
# BGP Template für Rheinland Peerings
template bgp ffrl_uplink4 {
local as ffmyk_as;
@@ -134,6 +155,7 @@ template bgp ffrl_uplink4 {
};
direct;
};
+{% endif %}
template bgp ffrl_uplink6 {
local as ffmyk_as;
@@ -148,10 +170,12 @@ template bgp ffrl_uplink6 {
};
{% for peer in ffrl_peers %}
+{% if ffrl_ip4 is defined %}
protocol bgp ffrl_{{ peer.name }}4 from ffrl_uplink4 {
source address {{ peer.ip4 }};
neighbor {{ peer.peer_ip4 }} as 201701;
};
+{% endif %}
protocol bgp ffrl_{{ peer.name }}6 from ffrl_uplink6 {
source address {{ peer.ip6 }};