]>
Commit | Line | Data |
---|---|---|
04a22949 | 1 | <!doctype birddoc system> |
d37f899b PM |
2 | |
3 | <!-- | |
d150c637 | 4 | BIRD documentation |
d37f899b | 5 | |
02357f96 PM |
6 | This documentation can have 4 forms: sgml (this is master copy), html, |
7 | ASCII text and dvi/postscript (generated from sgml using | |
8 | sgmltools). You should always edit master copy. | |
9 | ||
4e8ec666 | 10 | This is a slightly modified linuxdoc dtd. Anything in <descrip> tags is considered definition of |
326e33f5 | 11 | configuration primitives, <cf> is fragment of configuration within normal text, <m> is |
cd4fecb6 | 12 | "meta" information within fragment of configuration - something in config which is not keyword. |
d37f899b PM |
13 | |
14 | (set-fill-column 100) | |
15 | ||
16 | Copyright 1999,2000 Pavel Machek <pavel@ucw.cz>, distribute under GPL version 2 or later. | |
17 | ||
18 | --> | |
19 | ||
371adba6 | 20 | <book> |
d37f899b | 21 | |
aa185265 | 22 | <title>BIRD User's Guide |
d37f899b | 23 | <author> |
aa185265 MM |
24 | Ondrej Filip <it/<feela@network.cz>/, |
25 | Pavel Machek <it/<pavel@ucw.cz>/, | |
26 | Martin Mares <it/<mj@ucw.cz>/ | |
27 | </author> | |
d37f899b | 28 | |
d37f899b | 29 | <abstract> |
aa185265 | 30 | This document contains user documentation for the BIRD Internet Routing Daemon project. |
d37f899b PM |
31 | </abstract> |
32 | ||
33 | <!-- Table of contents --> | |
34 | <toc> | |
35 | ||
36 | <!-- Begin the document --> | |
37 | ||
371adba6 | 38 | <chapt>Introduction |
d37f899b | 39 | |
371adba6 | 40 | <sect>What is BIRD |
d37f899b | 41 | |
897cd7aa MM |
42 | <p><label id="intro"> |
43 | The name `BIRD' is actually an acronym standing for `BIRD Internet Routing Daemon'. | |
44 | Let's take a closer look at the meaning of the name: | |
45 | ||
46 | <p><em/BIRD/: Well, we think we have already explained that. It's an acronym standing | |
47 | for `BIRD Internet Routing Daemon', you remember, don't you? :-) | |
48 | ||
49 | <p><em/Internet Routing/: It's a program (well, a daemon, as you are going to discover in a moment) | |
50 | which works as a dynamic router in an Internet type network (that is, in a network running either | |
51 | the IPv4 or the IPv6 protocol). Routers are devices which forward packets between interconnected | |
52 | networks in order to allow hosts not connected directly to the same local area network to | |
02357f96 | 53 | communicate with each other. They also communicate with the other routers in the Internet to discover |
897cd7aa | 54 | the topology of the network which allows them to find optimal (in terms of some metric) rules for |
96264d4d | 55 | forwarding of packets (which are called routing tables) and to adapt themselves to the |
897cd7aa MM |
56 | changing conditions such as outages of network links, building of new connections and so on. Most of |
57 | these routers are costly dedicated devices running obscure firmware which is hard to configure and | |
02357f96 | 58 | not open to any changes (on the other hand, their special hardware design allows them to keep up with lots of high-speed network interfaces, better than general-purpose computer does). Fortunately, most operating systems of the UNIX family allow an ordinary |
897cd7aa MM |
59 | computer to act as a router and forward packets belonging to the other hosts, but only according to |
60 | a statically configured table. | |
61 | ||
62 | <p>A <em/Routing Daemon/ is in UNIX terminology a non-interactive program running on | |
63 | background which does the dynamic part of Internet routing, that is it communicates | |
64 | with the other routers, calculates routing tables and sends them to the OS kernel | |
a92fe607 OZ |
65 | which does the actual packet forwarding. There already exist other such routing |
66 | daemons: routed (RIP only), GateD (non-free), Zebra<HTMLURL URL="http://www.zebra.org"> | |
67 | and MRTD<HTMLURL URL="http://sourceforge.net/projects/mrt">, but their capabilities are | |
68 | limited and they are relatively hard to configure and maintain. | |
897cd7aa MM |
69 | |
70 | <p>BIRD is an Internet Routing Daemon designed to avoid all of these shortcomings, | |
5459fac6 | 71 | to support all the routing technology used in the today's Internet or planned to be |
897cd7aa MM |
72 | used in near future and to have a clean extensible architecture allowing new routing |
73 | protocols to be incorporated easily. Among other features, BIRD supports: | |
74 | ||
75 | <itemize> | |
76 | <item>both IPv4 and IPv6 protocols | |
77 | <item>multiple routing tables | |
78 | <item>the Border Gateway Protocol (BGPv4) | |
96264d4d | 79 | <item>the Routing Information Protocol (RIPv2) |
897cd7aa | 80 | <item>the Open Shortest Path First protocol (OSPFv2) |
02357f96 | 81 | <item>a virtual protocol for exchange of routes between different routing tables on a single host |
897cd7aa MM |
82 | <item>a command-line interface allowing on-line control and inspection |
83 | of status of the daemon | |
84 | <item>soft reconfiguration (no need to use complex online commands | |
85 | to change the configuration, just edit the configuration file | |
02357f96 | 86 | and notify BIRD to re-read it and it will smoothly switch itself |
897cd7aa MM |
87 | to the new configuration, not disturbing routing protocols |
88 | unless they are affected by the configuration changes) | |
02357f96 | 89 | <item>a powerful language for route filtering |
897cd7aa MM |
90 | </itemize> |
91 | ||
92 | <p>BIRD has been developed at the Faculty of Math and Physics, Charles University, Prague, | |
e9df1bb6 | 93 | Czech Republic as a student project. It can be freely distributed under the terms of the GNU General |
897cd7aa MM |
94 | Public License. |
95 | ||
96 | <p>BIRD has been designed to work on all UNIX-like systems. It has been developed and | |
4e9742bb OF |
97 | tested under Linux 2.0 to 2.4, and then ported to FreeBSD and NetBSD, porting to other |
98 | systems (even non-UNIX ones) should be relatively easy due to its highly modular architecture. | |
d37f899b | 99 | |
371adba6 | 100 | <sect>Installing BIRD |
440439e3 | 101 | |
02357f96 | 102 | <p>On a recent UNIX system with GNU development tools (GCC, binutils, m4, make) and Perl, installing BIRD should be as easy as: |
440439e3 PM |
103 | |
104 | <code> | |
105 | ./configure | |
106 | make | |
107 | make install | |
108 | vi /usr/local/etc/bird.conf | |
c184d9d0 | 109 | bird |
440439e3 PM |
110 | </code> |
111 | ||
02357f96 PM |
112 | <p>You can use <tt>./configure --help</tt> to get a list of configure |
113 | options. The most important ones are: | |
114 | <tt/--enable-ipv6/ which enables building of an IPv6 version of BIRD, | |
115 | <tt/--with-protocols=/ to produce a slightly smaller BIRD executable by configuring out routing protocols you don't use, and | |
116 | <tt/--prefix=/ to install BIRD to a place different from. | |
b093c328 PM |
117 | <file>/usr/local</file>. |
118 | ||
02357f96 | 119 | <sect>Running BIRD |
36032ded | 120 | |
c184d9d0 | 121 | <p>You can pass several command-line options to bird: |
d26524fa | 122 | |
c184d9d0 PM |
123 | <descrip> |
124 | <tag>-c <m/config name/</tag> | |
66701947 | 125 | use given configuration file instead of <it/prefix/<file>/etc/bird.conf</file>. |
c184d9d0 PM |
126 | |
127 | <tag>-d</tag> | |
02357f96 | 128 | enable debug messages and run bird in foreground. |
c184d9d0 | 129 | |
02357f96 PM |
130 | <tag>-D <m/filename of debug log/</tag> |
131 | log debugging information to given file instead of stderr | |
c184d9d0 PM |
132 | |
133 | <tag>-s <m/name of communication socket/</tag> | |
66701947 | 134 | use given filename for a socket for communications with the client, default is <it/prefix/<file>/var/run/bird.ctl</file>. |
c184d9d0 | 135 | </descrip> |
d26524fa | 136 | |
02357f96 PM |
137 | <p>BIRD writes messages about its work to log files or syslog (according to config). |
138 | ||
a852c139 PM |
139 | <chapt>About routing tables |
140 | ||
96264d4d PM |
141 | <p>BIRD has one or more routing tables which may or may not be |
142 | synchronized with OS kernel and which may or may not be synchronized with | |
143 | each other (see the Pipe protocol). Each routing table contains a list of | |
a852c139 PM |
144 | known routes. Each route consists of: |
145 | ||
146 | <itemize> | |
96264d4d PM |
147 | <item>network prefix this route is for (network address and prefix length -- the number of bits forming the network part of the address; also known as a netmask) |
148 | <item>preference of this route | |
149 | <item>IP address of router which told us about this route | |
02357f96 | 150 | <item>IP address of router we should forward the packets to |
a852c139 PM |
151 | using this route |
152 | <item>other attributes common to all routes | |
02357f96 PM |
153 | <item>dynamic attributes defined by protocols which may or |
154 | may not be present (typically protocol metrics) | |
a852c139 PM |
155 | </itemize> |
156 | ||
96264d4d PM |
157 | Routing table maintains multiple entries |
158 | for a network, but at most one entry for one network and one | |
159 | protocol. The entry with the highest preference is used for routing (we | |
160 | will call such an entry the <it/selected route/). If | |
02357f96 | 161 | there are more entries with the same preference and they are from the same |
96264d4d PM |
162 | protocol, the protocol decides (typically according to metrics). If they aren't, |
163 | an internal ordering is used to break the tie. You can | |
164 | get the list of route attributes in the Route attributes section. | |
165 | ||
166 | <p>Each protocol is connected to a routing table through two filters | |
167 | which can accept, reject and modify the routes. An <it/export/ | |
168 | filter checks routes passed from the routing table to the protocol, | |
169 | an <it/import/ filter checks routes in the opposite direction. | |
170 | When the routing table gets a route from a protocol, it recalculates | |
171 | the selected route and broadcasts it to all protocols connected to | |
172 | the table. The protocols typically send the update to other routers | |
173 | in the network. | |
a852c139 | 174 | |
371adba6 | 175 | <chapt>Configuration |
af0b25d2 | 176 | |
371adba6 | 177 | <sect>Introduction |
d37f899b | 178 | |
66701947 | 179 | <p>BIRD is configured using a text configuration file. Upon startup, BIRD reads <it/prefix/<file>/etc/bird.conf</file> (unless the |
1632f1fe PM |
180 | <tt/-c/ command line option is given). Configuration may be changed at user's request: if you modify |
181 | the config file and then signal BIRD with <tt/SIGHUP/, it will adjust to the new | |
182 | config. Then there's the client | |
183 | which allows you to talk with BIRD in an extensive way. | |
02357f96 PM |
184 | |
185 | <p>In the config, everything on a line after <cf/#/ or inside <cf>/* | |
186 | */</cf> is a comment, whitespace characters are treated as a single space. If there's a variable number of options, they are grouped using | |
187 | the <cf/{ }/ brackets. Each option is terminated by a <cf/;/. Configuration | |
326e33f5 PM |
188 | is case sensitive. |
189 | ||
02357f96 PM |
190 | <p>Here is an example of a simple config file. It enables |
191 | synchronization of routing tables with OS kernel, scans for | |
192 | new network interfaces every 10 seconds and runs RIP on all network interfaces found. | |
4a5bb2bf | 193 | |
d37f899b | 194 | |
a0dd1c74 | 195 | <code> |
d37f899b | 196 | protocol kernel { |
d150c637 | 197 | persist; # Don't remove routes on BIRD shutdown |
d37f899b PM |
198 | scan time 20; # Scan kernel routing table every 20 seconds |
199 | export all; # Default is export none | |
200 | } | |
201 | ||
202 | protocol device { | |
203 | scan time 10; # Scan interfaces every 10 seconds | |
204 | } | |
205 | ||
206 | protocol rip { | |
207 | export all; | |
208 | import all; | |
209 | } | |
a0dd1c74 | 210 | </code> |
d37f899b | 211 | |
326e33f5 | 212 | |
371adba6 | 213 | <sect>Global options |
af0b25d2 | 214 | |
a0dd1c74 | 215 | <p><descrip> |
2f647f3f | 216 | <tag>log "<m/filename/"|syslog|stderr all|{ <m/list of classes/ }</tag> |
1632f1fe | 217 | Set logging of messages having the given class (either <cf/all/ or <cf/{ |
242352b7 | 218 | error, trace }/ etc.) into selected destination. Classes are: |
1632f1fe | 219 | <cf/info/, <cf/warning/, <cf/error/ and <cf/fatal/ for messages about local problems, |
98627595 | 220 | <cf/debug/ for debugging messages, |
02357f96 PM |
221 | <cf/trace/ when you want to know what happens in the network, |
222 | <cf/remote/ for messages about misbehavior of remote machines, | |
223 | <cf/auth/ about authentication failures, | |
4e8ec666 | 224 | <cf/bug/ for internal BIRD bugs. You may specify more than one <cf/log/ line to establish logging to multiple |
5a203dac | 225 | destinations. Default: log everything to the system log. |
02357f96 | 226 | |
7581b81b | 227 | <tag>debug protocols all|off|{ states, routes, filters, interfaces, events, packets }</tag> |
5a203dac PM |
228 | Set global defaults of protocol debugging options. See <cf/debug/ in the following section. Default: off. |
229 | ||
230 | <tag>debug commands <m/number/</tag> | |
231 | Control logging of client connections (0 for no logging, 1 for | |
232 | logging of connects and disconnects, 2 and higher for logging of | |
233 | all client commands). Default: 0. | |
249d238c | 234 | |
02357f96 | 235 | <tag>filter <m/name local variables/{ <m/commands/ }</tag> Define a filter. You can learn more about filters |
5a203dac | 236 | in the following chapter. |
326e33f5 | 237 | |
96264d4d | 238 | <tag>function <m/name/ (<m/parameters/) <m/local variables/ { <m/commands/ }</tag> Define a function. You can learn more |
02357f96 | 239 | about functions in the following chapter. |
bfd71178 | 240 | |
02357f96 | 241 | <tag>protocol rip|ospf|bgp|... <m/[name]/ { <m>protocol options</m> }</tag> Define a protocol |
1632f1fe | 242 | instance called <cf><m/name/</cf> (or with a name like "rip5" generated automatically if you don't specify any <cf><m/name/</cf>). You can learn more |
d150c637 | 243 | about configuring protocols in their own chapters. You can run more than one instance of |
5a203dac | 244 | most protocols (like RIP or BGP). By default, no instances are configured. |
249d238c | 245 | |
02357f96 | 246 | <tag>define <m/constant/ = (<m/expression/)|<m/number/|<m/IP address/</tag> Define a constant. You can use it later in every place |
1632f1fe | 247 | you could use a simple integer or an IP address. |
249d238c | 248 | |
5a203dac | 249 | <tag>router id <m/IPv4 address/</tag> Set BIRD's router ID. It's a world-wide unique identification of your router, usually one of router's IPv4 addresses. Default: in IPv4 version, the lowest IP address of a non-loopback interface. In IPv6 version, this option is mandatory. |
249d238c | 250 | |
02357f96 | 251 | <tag>table <m/name/</tag> Create a new routing table. The default |
326e33f5 PM |
252 | routing table is created implicitly, other routing tables have |
253 | to be added by this command. | |
af0b25d2 | 254 | |
02357f96 | 255 | <tag>eval <m/expr/</tag> Evaluates given filter expression. It |
1632f1fe | 256 | is used by us for testing of filters. |
249d238c PM |
257 | </descrip> |
258 | ||
371adba6 | 259 | <sect>Protocol options |
bfd71178 | 260 | |
5a203dac PM |
261 | <p>For each protocol instance, you can configure a bunch of options. |
262 | Some of them (those described in this section) are generic, some are | |
263 | specific to the protocol (see sections talking about the protocols). | |
7581b81b | 264 | |
5a203dac PM |
265 | <p>Several options use a <cf><m/switch/</cf> argument. It can be either |
266 | <cf/on/, <cf/yes/ or a numeric expression with a non-zero value for the | |
267 | option to be enabled or <cf/off/, <cf/no/ or a numeric expression evaluating | |
268 | to zero to disable it. An empty <cf><m/switch/</cf> is equivalent to <cf/on/ | |
269 | ("silence means agreement"). | |
7581b81b | 270 | |
5a203dac PM |
271 | <descrip> |
272 | <tag>preference <m/expr/</tag> Sets the preference of routes generated by this protocol. Default: protocol dependent. | |
273 | ||
274 | <tag>disabled <m/switch/</tag> Disables the protocol. You can change the disable/enable status from the command | |
275 | line interface without needing to touch the configuration. Disabled protocols are not activated. Default: protocol is enabled. | |
276 | ||
277 | <tag>debug all|off|{ states, routes, filters, interfaces, events, packets }</tag> | |
278 | Set protocol debugging options. If asked, each protocol is capable of | |
279 | writing trace messages about its work to the log (with category | |
280 | <cf/trace/). You can either request printing of <cf/all/ trace messages | |
281 | or only of the types selected: <cf/states/ for protocol state changes | |
282 | (protocol going up, down, starting, stopping etc.), | |
283 | <cf/routes/ for routes exchanged with the routing table, | |
284 | <cf/filters/ for details on route filtering, | |
285 | <cf/interfaces/ for interface change events sent to the protocol, | |
286 | <cf/events/ for events internal to the protocol and | |
287 | <cf/packets/ for packets sent and received by the protocol. Default: off. | |
288 | ||
289 | <tag>import all | none | filter <m/name/ | filter { <m/filter commands/ } | where <m/filter expression/</tag> | |
1632f1fe | 290 | Specify a filter to be used for filtering routes coming from the protocol to the routing table. <cf/all/ is shorthand for <cf/where true/ and <cf/none/ is shorthand for <cf/where false/. Default: <cf/all/. |
bfd71178 | 291 | |
1632f1fe PM |
292 | <tag>export <m/filter/</tag> This is similar to the <cf>import</cf> keyword, except that it |
293 | works in the direction from the routing table to the protocol. Default: <cf/none/. | |
af0b25d2 | 294 | |
a7c9f7c0 | 295 | <tag>table <m/name/</tag> Connect this protocol to a non-default routing table. |
7581b81b PM |
296 | </descrip> |
297 | ||
a7c9f7c0 | 298 | <p>There are several options that give sense only with certain protocols: |
7581b81b PM |
299 | |
300 | <descrip> | |
301 | <tag>passwords { password "<m/password/" from <m/time/ to <m/time/ passive <m/time/ id | |
a7c9f7c0 | 302 | <m/num/ [...] }</tag> Specifies passwords to be used with this protocol. <cf>Passive <m/time/</cf> is |
1632f1fe | 303 | time from which the password is not used for sending, but it is recognized on reception. <cf/id/ is password ID as needed by |
5a203dac | 304 | certain protocols. Format of <cf><m/time/</cf> is <tt>dd-mm-yyyy HH:MM:SS</tt>. |
7581b81b | 305 | |
96264d4d | 306 | <tag>interface "<m/mask/"|<m/prefix/ [ { <m/option/ ; [...] } ]</tag> Specifies which |
1632f1fe PM |
307 | interfaces is this protocol active on and allows you to set options on a |
308 | per-interface basis. Mask is specified as in shell-like patterns, thus <cf>interface | |
a7c9f7c0 | 309 | "*" { mode broadcast; };</cf> will start the protocol on all interfaces with <cf>mode |
1632f1fe | 310 | broadcast;</cf> option. If the first character of mask is <cf/-/, such interfaces are |
a7c9f7c0 | 311 | excluded. Masks are parsed left-to-right, thus <cf/interface "-eth*", "*";/ means all but |
5a203dac PM |
312 | the ethernets. Default: none. |
313 | ||
7581b81b | 314 | </descrip> |
d37f899b | 315 | |
5a203dac | 316 | <chapt>Remote control |
36032ded | 317 | |
a7c9f7c0 | 318 | <p>You can use the command-line client <file>birdc</file> to talk with |
1632f1fe | 319 | a running BIRD. Communication is done using a <file/bird.ctl/ UNIX domain |
a7c9f7c0 | 320 | socket (unless changed with the <tt/-s/ option given to both the server and |
1632f1fe PM |
321 | the client). The commands can perform simple actions such as enabling/disabling |
322 | of protocols, telling BIRD to show various information, telling it to | |
323 | show routing table filtered by filter, or asking BIRD to | |
36032ded | 324 | reconfigure. Press <tt/?/ at any time to get online help. Option |
1632f1fe | 325 | <tt/-v/ can be passed to the client, to make it dump numeric return |
66701947 | 326 | codes along with the messages. You do not necessarily need to use <file/birdc/ to talk to BIRD, your |
1632f1fe | 327 | own applications could do that, too -- the format of communication between |
66701947 | 328 | BIRD and <file/birdc/ is stable (see the programmer's documentation). |
c184d9d0 | 329 | |
5a203dac | 330 | <p>Here is a brief list of supported functions: |
64722c98 PM |
331 | |
332 | <descrip> | |
5a203dac PM |
333 | <tag>dump resources|sockets|interfaces|neighbors|attributes|routes|protocols</tag> |
334 | Dump contents of internal data structures to the debugging output. | |
335 | ||
336 | <tag>show status</tag> | |
1632f1fe | 337 | Show router status, that is BIRD version, uptime and time from last reconfiguration. |
5a203dac PM |
338 | |
339 | <tag>show protocols [all]</tag> | |
1632f1fe | 340 | Show list of protocol instances along with tables they are connected to and protocol status, possibly giving verbose information, if <cf/all/ is specified. |
64722c98 | 341 | |
5a203dac PM |
342 | <tag>show ospf [interface|neighbors] [<m/name/] ["<m/interface/"]</tag> |
343 | Show detailed information about OSPF protocol, possibly giving a verbose list of interfaces and neighbors. The <m/name/ of the protocol instance can be omitted if there exists only a single instance. | |
64722c98 | 344 | |
5a203dac PM |
345 | <tag>show static [<m/name/]</tag> |
346 | Show detailed information about static routes. The <m/name/ of the protocol instance can be omitted if there exists only a single instance. | |
64722c98 | 347 | |
5a203dac | 348 | <tag>show interfaces [summary]</tag> |
1632f1fe | 349 | Show the list of interfaces. For each interface, print its type, state, MTU and addresses assigned. |
5a203dac PM |
350 | |
351 | <tag>show symbols</tag> | |
1632f1fe | 352 | Show the list of symbols defined in the configuration (names of protocols, routing tables etc.). |
5a203dac | 353 | |
c90ac711 | 354 | <tag>show route [[for] <m/prefix/|<m/IP/] [table <m/sym/] [filter <m/f/|where <m/c/] [(import|preimport) <m/p/] [<m/options/]</tag> |
5a203dac | 355 | Show contents of a routing table (by default of the main one), |
1632f1fe | 356 | that is routes, their metrics and (in case the <cf/all/ switch is given) |
5a203dac PM |
357 | all their attributes. |
358 | ||
359 | <p>You can specify a <m/prefix/ if you want to print routes for a | |
360 | specific network. If you use <cf>for <m/prefix or IP/</cf>, you'll get | |
361 | the entry which will be used for forwarding of packets to the given | |
362 | destination. By default, all routes for each network are printed with | |
363 | the selected one at the top, unless <cf/primary/ is given in which case | |
364 | only the selected route is shown. | |
365 | ||
366 | <p>You can also ask for printing only routes processed and accepted by | |
367 | a given filter (<cf>filter <m/name/</cf> or <cf>filter { <m/filter/ } | |
368 | </cf> or matching a given condition (<cf>where <m/condition/</cf>). | |
c90ac711 OF |
369 | The <cf/import/ and <cf/preimport/ switches ask for printing of entries |
370 | that are imported to the specified protocol. With <cf/preimport/, the | |
371 | import filter of the protocol is skipped. | |
5a203dac PM |
372 | |
373 | <p>The <cf/stats/ switch requests showing of route statistics (the | |
374 | number of networks, number of routes before and after filtering). If | |
375 | you use <cf/count/ instead, only the statistics will be printed. | |
376 | ||
377 | <tag>enable|disable|restart <m/name/|"<m/pattern/"|all</tag> | |
1632f1fe | 378 | Enable, disable or restart a given protocol instance, instances matching the <cf><m/pattern/</cf> or <cf/all/ instances. |
5a203dac PM |
379 | |
380 | <tag>configure ["<m/config file/"]</tag> | |
381 | Reload configuration from a given file. | |
382 | ||
383 | <tag/down/ | |
384 | Shut BIRD down. | |
64722c98 | 385 | |
a4601845 | 386 | <tag>debug <m/protocol/|<m/pattern/|all all|off|{ states | routes | filters | events | packets }</tag> |
64722c98 PM |
387 | Control protocol debugging. |
388 | </descrip> | |
36032ded | 389 | |
371adba6 | 390 | <chapt>Filters |
d37f899b | 391 | |
371adba6 | 392 | <sect>Introduction |
d37f899b | 393 | |
1632f1fe PM |
394 | <p>BIRD contains a simple programming language. (No, it can't yet read mail :-). There are |
395 | two objects in this language: filters and functions. Filters are interpreted by BIRD core when a route is | |
396 | being passed between protocols and routing tables. The filter language contains control structures such | |
397 | as if's and switches, but it allows no loops. An example of a filter using many features can be found in <file>filter/test.conf</file>. | |
d37f899b | 398 | |
a7c9f7c0 PM |
399 | <p>Filter gets the route, looks at its attributes and |
400 | modifies some of them if it wishes. At the end, it decides whether to | |
1632f1fe | 401 | pass the changed route through (using <cf/accept/) or whether to <cf/reject/ it. A simple filter looks |
0e5373fd | 402 | like this: |
d37f899b | 403 | |
a0dd1c74 | 404 | <code> |
d37f899b PM |
405 | filter not_too_far |
406 | int var; | |
407 | { | |
408 | if defined( rip_metric ) then | |
409 | var = rip_metric; | |
410 | else { | |
411 | var = 1; | |
412 | rip_metric = 1; | |
413 | } | |
414 | if rip_metric > 10 then | |
415 | reject "RIP metric is too big"; | |
416 | else | |
417 | accept "ok"; | |
418 | } | |
a0dd1c74 | 419 | </code> |
d37f899b | 420 | |
a7c9f7c0 | 421 | <p>As you can see, a filter has a header, a list of local variables, and a body. The header consists of |
1632f1fe PM |
422 | the <cf/filter/ keyword followed by a (unique) name of filter. The list of local variables consists of |
423 | <cf><M>type name</M>;</cf> pairs where each pair defines one local variable. The body consists of | |
424 | <cf> { <M>statements</M> }</cf>. Each <m/statement/ is terminated by a <cf/;/. You can group | |
425 | several statements to a single compound statement by using braces (<cf>{ <M>statements</M> }</cf>) which is useful if | |
426 | you want to make a bigger block of code conditional. | |
427 | ||
428 | <p>BIRD supports functions, so that you don't have to repeat the same blocks of code over and | |
429 | over. Functions can have zero or more parameters and they can have local variables. Recursion is not allowed. Function definitions | |
326e33f5 | 430 | look like this: |
0e5373fd PM |
431 | |
432 | <code> | |
433 | function name () | |
434 | int local_variable; | |
435 | { | |
436 | local_variable = 5; | |
437 | } | |
438 | ||
439 | function with_parameters (int parameter) | |
440 | { | |
441 | print parameter; | |
442 | } | |
443 | </code> | |
444 | ||
1632f1fe | 445 | <p>Unlike in C, variables are declared after the <cf/function/ line, but before the first <cf/{/. You can't declare |
0e5373fd | 446 | variables in nested blocks. Functions are called like in C: <cf>name(); |
1632f1fe | 447 | with_parameters(5);</cf>. Function may return values using the <cf>return <m/[expr]/</cf> |
a7c9f7c0 | 448 | command. Returning a value exits from current function (this is similar to C). |
0e5373fd | 449 | |
a7c9f7c0 | 450 | <p>Filters are declared in a way similar to functions except they can't have explicit |
1632f1fe | 451 | parameters. They get a route table entry as an implicit parameter, it is also passed automatically |
a7c9f7c0 | 452 | to any functions called. The filter must terminate with either |
1632f1fe | 453 | <cf/accept/ or <cf/reject/ statement. If there's a runtime error in filter, the route |
2f647f3f | 454 | is rejected. |
0e5373fd | 455 | |
a7c9f7c0 PM |
456 | <p>A nice trick to debug filters is to use <cf>show route filter |
457 | <m/name/</cf> from the command line client. An example session might look | |
c184d9d0 PM |
458 | like: |
459 | ||
460 | <code> | |
461 | pavel@bug:~/bird$ ./birdc -s bird.ctl | |
462 | BIRD 0.0.0 ready. | |
c184d9d0 PM |
463 | bird> show route |
464 | 10.0.0.0/8 dev eth0 [direct1 23:21] (240) | |
465 | 195.113.30.2/32 dev tunl1 [direct1 23:21] (240) | |
466 | 127.0.0.0/8 dev lo [direct1 23:21] (240) | |
467 | bird> show route ? | |
1632f1fe | 468 | show route [<prefix>] [table <t>] [filter <f>] [all] [primary]... |
66701947 | 469 | bird> show route filter { if 127.0.0.5 ˜ net then accept; } |
c184d9d0 PM |
470 | 127.0.0.0/8 dev lo [direct1 23:21] (240) |
471 | bird> | |
472 | </code> | |
473 | ||
371adba6 | 474 | <sect>Data types |
d37f899b | 475 | |
a7c9f7c0 | 476 | <p>Each variable and each value has certain type. Booleans, integers and enums are |
326e33f5 | 477 | incompatible with each other (that is to prevent you from shooting in the foot). |
d37f899b PM |
478 | |
479 | <descrip> | |
a7c9f7c0 | 480 | <tag/bool/ This is a boolean type, it can have only two values, <cf/true/ and |
1632f1fe | 481 | <cf/false/. Boolean is the only type you can use in <cf/if/ |
7581b81b | 482 | statements. |
d37f899b | 483 | |
a7c9f7c0 PM |
484 | <tag/int/ This is a general integer type, you can expect it to store signed values from -2000000000 |
485 | to +2000000000. Overflows are not checked. You can use <cf/0x1234/ syntax to write hexadecimal values. | |
d37f899b | 486 | |
a7c9f7c0 PM |
487 | <tag/pair/ This is a pair of two short integers. Each component can have values from 0 to |
488 | 65535. Literals of this type is written as <cf/(1234,5678)/. | |
d37f899b | 489 | |
a7c9f7c0 PM |
490 | <tag/string/ This is a string of characters. There are no ways to modify strings in |
491 | filters. You can pass them between functions, assign them to variables of type <cf/string/, print | |
492 | such variables, but you can't concatenate two strings. String literals | |
0e5373fd | 493 | are written as <cf/"This is a string constant"/. |
d37f899b | 494 | |
a7c9f7c0 | 495 | <tag/ip/ This type can hold a single IP address. Depending on the compile-time configuration of BIRD you are using, it |
5a203dac | 496 | is either an IPv4 or IPv6 address. IP addresses are written in the standard notation (<cf/10.20.30.40/ or <cf/fec0:3:4::1/). You can apply special operator <cf>.mask(<M>num</M>)</cf> |
1632f1fe | 497 | on values of type ip. It masks out all but first <cf><M>num</M></cf> bits from the IP |
5a203dac | 498 | address. So <cf/1.2.3.4.mask(8) = 1.0.0.0/ is true. |
d37f899b | 499 | |
a7c9f7c0 | 500 | <tag/prefix/ This type can hold a network prefix consisting of IP address and prefix length. Prefix literals are written as |
0e5373fd | 501 | <cf><M>ipaddress</M>/<M>pxlen</M></cf>, or |
1632f1fe PM |
502 | <cf><m>ipaddress</m>/<m>netmask</m></cf>. There are two special |
503 | operators on prefixes: | |
504 | <cf/.ip/ which extracts the IP address from the pair, and <cf/.len/, which separates prefix | |
505 | length from the pair. So <cf>1.2.0.0/16.pxlen = 16</cf> is true. | |
d37f899b | 506 | |
326e33f5 | 507 | <tag/int|ip|prefix|pair|enum set/ |
a7c9f7c0 PM |
508 | Filters recognize four types of sets. Sets are similar to strings: you can pass them around |
509 | but you can't modify them. Literals of type <cf>set int</cf> look like <cf> | |
d37f899b | 510 | [ 1, 2, 5..7 ]</cf>. As you can see, both simple values and ranges are permitted in |
c184d9d0 | 511 | sets. Sets of prefixes are special: you can specify which prefix lengths should match them by |
a7c9f7c0 | 512 | using <cf>[ 1.0.0.0/8+, 2.0.0.0/8-, 3.0.0.0/8{5,6} ]</cf>. <cf>3.0.0.0/8{5,6}</cf> matches |
1632f1fe PM |
513 | prefixes <cf/3.X.X.X/ whose prefix length is 5 to 6. <cf><m>address</m>/<m>num</m>+</cf> is a shorthand for <cf><m>address</m>/{0,<m/num/}</cf>, |
514 | <cf><m>address</m>/<m/num/-</cf> is a shorthand for <cf><m>address</m>/{0,<m/num-1/}</cf>. For example, | |
515 | <cf>1.2.0.0/16 ˜ [ 1.0.0.0/8{ 15 , 17 } ]</cf> is true, but | |
516 | <cf>1.0.0.0/8 ˜ [ 1.0.0.0/8- ]</cf> is false. | |
d37f899b PM |
517 | |
518 | <tag/enum/ | |
66701947 | 519 | Enumeration types are fixed sets of possibilities. You can't define your own |
1632f1fe | 520 | variables of such type, but some route attributes are of enumeration |
a7c9f7c0 | 521 | type. Enumeration types are incompatible with each other. |
0e5373fd PM |
522 | |
523 | <tag/bgppath/ | |
a7c9f7c0 | 524 | BGP path is a list of autonomous system numbers. You can't write literals of this type. |
4a5bb2bf | 525 | |
5a203dac PM |
526 | <tag/bgpmask/ |
527 | BGP masks are patterns used for BGP path matching | |
528 | (using <cf>path ˜ /2 3 5 ?/</cf> syntax). The masks | |
529 | resemble wildcard patterns as used by UNIX shells. Autonomous | |
530 | system numbers match themselves, <cf/?/ matches any (even empty) | |
531 | sequence of arbitrary AS numbers (<cf/*/ hasn't been chosen, because | |
532 | <cf>/*</cf> starts a comment). For example: | |
66701947 MM |
533 | <tt>/4 3 2 1/ ˜ /? 4 3 ?/</tt> is true, but |
534 | <tt>/4 3 2 1/ ˜ /? 4 5 ?/</tt> is false. | |
4a5bb2bf | 535 | <tag/clist/ |
a7c9f7c0 | 536 | Community list is similar to set of pairs, |
4a5bb2bf | 537 | except that unlike other sets, it can be modified. |
a7c9f7c0 | 538 | There exist no literals of this type. |
0e5373fd | 539 | |
d37f899b PM |
540 | </descrip> |
541 | ||
a7c9f7c0 | 542 | <sect>Operators |
d37f899b | 543 | |
a7c9f7c0 | 544 | <p>The filter language supports common integer operators <cf>(+,-,*,/)</cf>, parentheses <cf/(a*(b+c))/, comparison |
66701947 | 545 | <cf/(a=b, a!=b, a<b, a>=b)/. Logical operations include unary not (<cf/!/), and (<cf/&&/) and or (<cf/||/). |
1632f1fe | 546 | Special operators include <cf/˜/ for "is element of a set" operation - it can be |
e29fa06e OZ |
547 | used on element and set of elements of the same type (returning true if element is contained in the given set), or |
548 | on two strings (returning true if first string matches a shell-like pattern stored in second string) or on IP and prefix (returning true if IP is within the range defined by that prefix), or on | |
1632f1fe | 549 | prefix and prefix (returning true if first prefix is more specific than second one) or on bgppath and bgpmask (returning true if the path matches the mask) or on pair and clist (returning true if the community is element of the community list). |
25696edb | 550 | |
d37f899b | 551 | |
371adba6 | 552 | <sect>Control structures |
d37f899b | 553 | |
a7c9f7c0 PM |
554 | <p>Filters support two control structures: conditions and case switches. |
555 | ||
1632f1fe | 556 | <p>Syntax of a condition is: <cf>if |
074a166d | 557 | <M>boolean expression</M> then <M>command1</M>; else <M>command2</M>;</cf> and you can use <cf>{ |
1632f1fe PM |
558 | <M>command_1</M>; <M>command_2</M>; <M>...</M> }</cf> instead of either command. The <cf>else</cf> |
559 | clause may be omitted. If the <cf><m>boolean expression</m></cf> is true, <cf><m>command1</m></cf> is executed, otherwise <cf><m>command2</m></cf> is executed. | |
d37f899b | 560 | |
1632f1fe PM |
561 | <p>The <cf>case</cf> is similar to case from Pascal. Syntax is <cf>case <m/expr/ { else | |
562 | <m/num_or_prefix [ .. num_or_prefix]/: <m/statement/ ; [ ... ] }</cf>. The expression after | |
563 | <cf>case</cf> can be of any type which can be on the left side of the ˜ operator and anything that could | |
564 | be a member of a set is allowed before <cf/:/. Multiple commands are allowed without <cf/{}/ grouping. | |
565 | If <cf><m/expr/</cf> matches one of the <cf/:/ clauses, statements between it and next <cf/:/ statement are executed. If <cf><m/expr/</cf> matches neither of the <cf/:/ clauses, the statements after <cf/else:/ are executed. | |
d37f899b | 566 | |
a7c9f7c0 | 567 | <p>Here is example that uses <cf/if/ and <cf/case/ structures: |
af0b25d2 PM |
568 | |
569 | <code> | |
570 | case arg1 { | |
571 | 2: print "two"; print "I can do more commands without {}"; | |
572 | 3 .. 5: print "three to five"; | |
573 | else: print "something else"; | |
a7c9f7c0 | 574 | } |
af0b25d2 | 575 | |
8798c811 PM |
576 | if 1234 = i then printn "."; else { |
577 | print "not 1234"; | |
578 | print "You need {} around multiple commands"; | |
579 | } | |
af0b25d2 PM |
580 | </code> |
581 | ||
371adba6 | 582 | <sect>Route attributes |
0e5373fd | 583 | |
1632f1fe PM |
584 | <p>A filter is implicitly passed a route, and it can access its |
585 | attributes just like it accesses variables. Attempts to access undefined | |
a7c9f7c0 | 586 | attribute result in a runtime error; you can check if an attribute is |
1632f1fe | 587 | defined by using the <cf>defined( <m>attribute</m> )</cf> operator. |
a7c9f7c0 | 588 | |
36032ded | 589 | <descrip> |
cd4fecb6 | 590 | <tag><m/prefix/ net</tag> |
1632f1fe | 591 | Network the route is talking about. Read-only. (See the chapter about routing tables.) |
a7c9f7c0 PM |
592 | |
593 | <tag><m/enum/ scope</tag> | |
5a203dac | 594 | Address scope of the network (<cf/SCOPE_HOST/ for addresses local to this host, <cf/SCOPE_LINK/ for those specific for a physical link, <cf/SCOPE_SITE/ and <cf/SCOPE_ORGANIZATION/ for private addresses, <cf/SCOPE_UNIVERSE/ for globally visible addresses). |
0e5373fd | 595 | |
cd4fecb6 | 596 | <tag><m/int/ preference</tag> |
1632f1fe | 597 | Preference of the route. (See the chapter about routing tables.) |
c184d9d0 | 598 | |
cd4fecb6 | 599 | <tag><m/ip/ from</tag> |
25696edb | 600 | The router which the route has originated from. Read-only. |
0e5373fd | 601 | |
cd4fecb6 | 602 | <tag><m/ip/ gw</tag> |
a7c9f7c0 | 603 | Next hop packets routed using this route should be forwarded to. |
0e5373fd | 604 | |
e29fa06e OZ |
605 | <tag><m/string/ proto</tag> |
606 | The name of the protocol which the route has been imported from. Read-only. | |
607 | ||
cd4fecb6 | 608 | <tag><m/enum/ source</tag> |
9a4b8790 | 609 | what protocol has told me about this route. Possible values: <cf/RTS_DUMMY/, <cf/RTS_STATIC/, <cf/RTS_INHERIT/, <cf/RTS_DEVICE/, <cf/RTS_STATIC_DEVICE/, <cf/RTS_REDIRECT/, <cf/RTS_RIP/, <cf/RTS_OSPF/, <cf/RTS_OSPF_IA/, <cf/RTS_OSPF_EXT/, <cf/RTS_BGP/, <cf/RTS_PIPE/. |
c184d9d0 | 610 | |
cd4fecb6 | 611 | <tag><m/enum/ cast</tag> |
96264d4d | 612 | Route type (<cf/RTC_UNICAST/ for normal routes, <cf/RTC_BROADCAST/, <cf/RTC_MULTICAST/, <cf/RTC_ANYCAST/ for broadcast, multicast and anycast routes). Read-only. |
c184d9d0 | 613 | |
cd4fecb6 | 614 | <tag><m/enum/ dest</tag> |
5a203dac | 615 | Type of destination the packets should be sent to (<cf/RTD_ROUTER/ for forwarding to a neighboring router, <cf/RTD_NETWORK/ for routing to a directly-connected network, <cf/RTD_BLACKHOLE/ for packets to be silently discarded, <cf/RTD_UNREACHABLE/, <cf/RTD_PROHIBIT/ for packets that should be returned with ICMP host unreachable / ICMP administratively prohibited messages). Read-only. |
ba1dda49 | 616 | </descrip> |
0e5373fd | 617 | |
1632f1fe | 618 | <p>There also exist some protocol-specific attributes which are described in the corresponding protocol sections. |
0e5373fd | 619 | |
1632f1fe | 620 | <sect>Other statements |
69477cad | 621 | |
a7c9f7c0 | 622 | <p>The following statements are available: |
69477cad PM |
623 | |
624 | <descrip> | |
a7c9f7c0 | 625 | <tag><m/variable/ = <m/expr/</tag> Set variable to a given value. |
326e33f5 | 626 | |
a7c9f7c0 | 627 | <tag>accept|reject [ <m/expr/ ]</tag> Accept or reject the route, possibly printing <cf><m>expr</m></cf>. |
326e33f5 | 628 | |
1632f1fe | 629 | <tag>return <m/expr/</tag> Return <cf><m>expr</m></cf> from the current function, the function ends at this point. |
326e33f5 | 630 | |
a7c9f7c0 PM |
631 | <tag>print|printn <m/expr/ [<m/, expr.../]</tag> |
632 | Prints given expressions; useful mainly while debugging | |
633 | filters. The <cf/printn/ variant does not terminate the line. | |
69477cad PM |
634 | |
635 | <tag>quitbird</tag> | |
1632f1fe | 636 | Terminates BIRD. Useful when debugging the filter interpreter. |
69477cad PM |
637 | </descrip> |
638 | ||
371adba6 | 639 | <chapt>Protocols |
d37f899b | 640 | |
371adba6 | 641 | <sect>BGP |
1b55b1a3 | 642 | |
56ab03c7 | 643 | <p>The Border Gateway Protocol is the routing protocol used for backbone |
5a203dac | 644 | level routing in the today's Internet. Contrary to the other protocols, its convergence |
56ab03c7 MM |
645 | doesn't rely on all routers following the same rules for route selection, |
646 | making it possible to implement any routing policy at any router in the | |
647 | network, the only restriction being that if a router advertises a route, | |
648 | it must accept and forward packets according to it. | |
649 | ||
650 | <p>BGP works in terms of autonomous systems (often abbreviated as AS). Each | |
5a203dac PM |
651 | AS is a part of the network with common management and common routing policy. It is identified by a unique 16-bit number. |
652 | Routers within each AS usually communicate with each other using either a interior routing | |
56ab03c7 MM |
653 | protocol (such as OSPF or RIP) or an interior variant of BGP (called iBGP). |
654 | Boundary routers at the border of the AS communicate with their peers | |
655 | in the neighboring AS'es via exterior BGP (eBGP). | |
656 | ||
657 | <p>Each BGP router sends to its neighbors updates of the parts of its | |
5a203dac PM |
658 | routing table it wishes to export along with complete path information |
659 | (a list of AS'es the packet will travel through if it uses the particular | |
56ab03c7 MM |
660 | route) in order to avoid routing loops. |
661 | ||
5459fac6 | 662 | <p>BIRD supports all requirements of the BGP4 standard as defined in |
1adc17b4 OZ |
663 | RFC 4271<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc4271.txt"> |
664 | It also supports the community attributes | |
665 | (RFC 1997<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc1997.txt">), | |
666 | capability negotiation | |
667 | (RFC 3392<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc3392.txt">), | |
668 | MD5 password authentication | |
669 | (RFC 2385<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc2385.txt">), | |
670 | route reflectors | |
671 | (RFC 4456<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc4456.txt">), | |
672 | and 4B AS numbers | |
673 | (RFC 4893<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc4893.txt">). | |
674 | ||
675 | ||
5459fac6 MM |
676 | For IPv6, it uses the standard multiprotocol extensions defined in |
677 | RFC 2283<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc2283.txt"> | |
678 | including changes described in the | |
5a203dac | 679 | latest draft<htmlurl url="ftp://ftp.rfc-editor.org/internet-drafts/draft-ietf-idr-bgp4-multiprotocol-v2-05.txt"> |
5459fac6 MM |
680 | and applied to IPv6 according to |
681 | RFC 2545<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc2545.txt">. | |
682 | ||
371adba6 | 683 | <sect1>Route selection rules |
5459fac6 MM |
684 | |
685 | <p>BGP doesn't have any simple metric, so the rules for selection of an optimal | |
686 | route among multiple BGP routes with the same preference are a bit more complex | |
5a203dac | 687 | and they are implemented according to the following algorithm. It starts the first |
5459fac6 MM |
688 | rule, if there are more "best" routes, then it uses the second rule to choose |
689 | among them and so on. | |
690 | ||
691 | <itemize> | |
5a203dac | 692 | <item>Prefer route with the highest Local Preference attribute. |
5459fac6 MM |
693 | <item>Prefer route with the shortest AS path. |
694 | <item>Prefer IGP origin over EGP and EGP over incomplete. | |
695 | <item>Prefer the lowest value of the Multiple Exit Discriminator. | |
5a203dac PM |
696 | <item>Prefer internal routes over external ones. |
697 | <item>Prefer the route with the lowest value of router ID of the | |
5459fac6 MM |
698 | advertising router. |
699 | </itemize> | |
56ab03c7 | 700 | |
371adba6 | 701 | <sect1>Configuration |
56ab03c7 | 702 | |
5459fac6 | 703 | <p>Each instance of the BGP corresponds to one neighboring router. |
5a203dac PM |
704 | This allows to set routing policy and all the other parameters differently |
705 | for each neighbor using the following configuration parameters: | |
5459fac6 MM |
706 | |
707 | <descrip> | |
708 | <tag>local as <m/number/</tag> Define which AS we are part of. (Note that | |
709 | contrary to other IP routers, BIRD is able to act as a router located | |
710 | in multiple AS'es simultaneously, but in such cases you need to tweak | |
711 | the BGP paths manually in the filters to get consistent behavior.) | |
712 | This parameter is mandatory. | |
5a203dac | 713 | |
5459fac6 MM |
714 | <tag>neighbor <m/ip/ as <m/number/</tag> Define neighboring router |
715 | this instance will be talking to and what AS it's located in. Unless | |
716 | you use the <cf/multihop/ clause, it must be directly connected to one | |
f8e2d916 MM |
717 | of your router's interfaces. In case the neighbor is in the same AS |
718 | as we are, we automatically switch to iBGP. This parameter is mandatory. | |
5a203dac | 719 | |
5459fac6 MM |
720 | <tag>multihop <m/number/ via <m/ip/</tag> Configure multihop BGP to a |
721 | neighbor which is connected at most <m/number/ hops far and to which | |
722 | we should route via our direct neighbor with address <m/ip/. | |
723 | Default: switched off. | |
5a203dac | 724 | |
5459fac6 MM |
725 | <tag>next hop self</tag> Avoid calculation of the Next Hop attribute |
726 | and always advertise our own source address (see below) as a next hop. | |
727 | This needs to be used only | |
728 | occasionally to circumvent misconfigurations of other routers. | |
729 | Default: disabled. | |
5a203dac | 730 | |
5459fac6 MM |
731 | <tag>source address <m/ip/</tag> Define local address we should use |
732 | for next hop calculation. Default: the address of the local end | |
733 | of the interface our neighbor is connected to. | |
5a203dac | 734 | |
1adc17b4 OZ |
735 | <tag>password <m/string/</tag> Use this password for MD5 authentication |
736 | of BGP sessions. Default: no authentication. | |
737 | ||
a92fe607 OZ |
738 | <tag>rr client</tag> Be a route reflector and treat the neighbor as |
739 | a route reflection client. Default: disabled. | |
1adc17b4 OZ |
740 | |
741 | <tag>rr cluster id <m/IPv4 address/</tag> Route reflectors use cluster id | |
742 | to avoid route reflection loops. When there is one route reflector in a cluster | |
743 | it usually uses its router id as a cluster id, but when there are more route | |
744 | reflectors in a cluster, these need to be configured (using this option) to | |
745 | use a common cluster id. Clients in a cluster need not known their cluster | |
746 | id and this option is not allowed to them Default: a same as router id. | |
747 | ||
a92fe607 OZ |
748 | <tag>rs client</tag> Be a route server and treat the neighbor |
749 | as a route server client. A route server is used as a | |
750 | replacement for full mesh EBGP routing in Internet exchange | |
751 | points in a similar way to route reflectors used in IBGP routing. | |
752 | Bird does not implement obsoleted RFC 1863, but uses ad-hoc implementation, | |
753 | which behaves like plain EBGP but reduces modifications to advertised route | |
754 | attributes to be transparent (for example does not prepend its AS number to | |
755 | AS PATH attribute and keep MED attribute). Default: disabled. | |
756 | ||
1adc17b4 OZ |
757 | <tag>enable as4 <m/switch/</tag> BGP protocol was designed to use 2B AS numbers |
758 | and was extended later to allow 4B AS number. BIRD supports 4B AS extension, | |
759 | but by disabling this option it can be persuaded not to advertise it and | |
760 | to maintain old-style sessions with its neighbors. This might be useful for | |
761 | circumventing bugs in neighbor's implementation of 4B AS extension. | |
762 | Even when disabled (off), BIRD behaves internally as AS4-aware BGP router. | |
763 | Default: on. | |
764 | ||
5459fac6 MM |
765 | <tag>disable after error <m/switch/</tag> When an error is encountered (either |
766 | locally or by the other side), disable the instance automatically | |
5a203dac PM |
767 | and wait for an administrator to fix the problem manually. Default: off. |
768 | ||
769 | <tag>hold time <m/number/</tag> Time in seconds to wait for a Keepalive | |
5459fac6 MM |
770 | message from the other side before considering the connection stale. |
771 | Default: depends on agreement with the neighboring router, we prefer | |
772 | 240 seconds if the other side is willing to accept it. | |
5a203dac | 773 | |
5459fac6 | 774 | <tag>startup hold time <m/number/</tag> Value of the hold timer used |
5a203dac | 775 | before the routers have a chance to exchange open messages and agree |
5459fac6 | 776 | on the real value. Default: 240 seconds. |
5a203dac | 777 | |
5459fac6 | 778 | <tag>keepalive time <m/number/</tag> Delay in seconds between sending |
5a203dac PM |
779 | of two consecutive Keepalive messages. Default: One third of the hold time. |
780 | ||
5459fac6 | 781 | <tag>connect retry time <m/number/</tag> Time in seconds to wait before |
5a203dac PM |
782 | retrying a failed attempt to connect. Default: 120 seconds. |
783 | ||
5459fac6 | 784 | <tag>start delay time <m/number/</tag> Delay in seconds between protocol |
5a203dac PM |
785 | startup and the first attempt to connect. Default: 5 seconds. |
786 | ||
787 | <tag>error wait time <m/number/,<m/number/</tag> Minimum and maximum delay in seconds between a protocol | |
788 | failure (either local or reported by the peer) and automatic restart. | |
5459fac6 MM |
789 | Doesn't apply when <cf/disable after error/ is configured. If consecutive |
790 | errors happen, the delay is increased exponentially until it reaches the maximum. Default: 60, 300. | |
5a203dac | 791 | |
5459fac6 MM |
792 | <tag>error forget time <m/number/</tag> Maximum time in seconds between two protocol |
793 | failures to treat them as a error sequence which makes the <cf/error wait time/ | |
794 | increase exponentially. Default: 300 seconds. | |
5a203dac | 795 | |
5459fac6 MM |
796 | <tag>path metric <m/switch/</tag> Enable comparison of path lengths |
797 | when deciding which BGP route is the best one. Default: on. | |
5a203dac | 798 | |
5459fac6 MM |
799 | <tag>default bgp_med <m/number/</tag> Value of the Multiple Exit |
800 | Discriminator to be used during route selection when the MED attribute | |
b6bf284a | 801 | is missing. Default: 0. |
5a203dac | 802 | |
5459fac6 MM |
803 | <tag>default bgp_local_pref <m/number/</tag> Value of the Local Preference |
804 | to be used during route selection when the Local Preference attribute | |
805 | is missing. Default: 0. | |
806 | </descrip> | |
807 | ||
371adba6 | 808 | <sect1>Attributes |
56ab03c7 | 809 | |
5a203dac | 810 | <p>BGP defines several route attributes. Some of them (those marked with `<tt/I/' in the |
5459fac6 | 811 | table below) are available on internal BGP connections only, some of them (marked |
5a203dac | 812 | with `<tt/O/') are optional. |
5459fac6 MM |
813 | |
814 | <descrip> | |
326e33f5 | 815 | <tag>bgppath <cf/bgp_path/</tag> Sequence of AS numbers describing the AS path |
5a203dac PM |
816 | the packet will travel through when forwarded according to the particular route. In case of |
817 | internal BGP it doesn't contain the number of the local AS. | |
818 | ||
5459fac6 MM |
819 | <tag>int <cf/bgp_local_pref/ [I]</tag> Local preference value used for |
820 | selection among multiple BGP routes (see the selection rules above). It's | |
821 | used as an additional metric which is propagated through the whole local AS. | |
5a203dac | 822 | |
b6bf284a OZ |
823 | <tag>int <cf/bgp_med/ [O]</tag> The Multiple Exit Discriminator of the route |
824 | is an optional attribute which is used on on external (inter-AS) links to | |
825 | convey to an adjacent AS the optimal entry point into the local AS. | |
826 | The received attribute may be also propagated over internal BGP links | |
827 | (and this is default behavior). The attribute value is zeroed when a route | |
828 | is exported from a routing table to a BGP instance to ensure that the attribute | |
829 | received from a neighboring AS is not propagated to other neighboring ASes. | |
830 | A new value might be set in the export filter of a BGP instance. | |
831 | See RFC 4451<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc4451.txt"> | |
832 | for further discussion of BGP MED attribute. | |
5a203dac PM |
833 | |
834 | <tag>enum <cf/bgp_origin/</tag> Origin of the route: either <cf/ORIGIN_IGP/ | |
835 | if the route has originated in an interior routing protocol or | |
836 | <cf/ORIGIN_EGP/ if it's been imported from the <tt>EGP</tt> protocol | |
837 | (nowadays it seems to be obsolete) or <cf/ORIGIN_INCOMPLETE/ if the origin | |
5459fac6 | 838 | is unknown. |
5a203dac | 839 | |
5459fac6 MM |
840 | <tag>ip <cf/bgp_next_hop/</tag> Next hop to be used for forwarding of packets |
841 | to this destination. On internal BGP connections, it's an address of the | |
842 | originating router if it's inside the local AS or a boundary router the | |
843 | packet will leave the AS through if it's an exterior route, so each BGP | |
844 | speaker within the AS has a chance to use the shortest interior path | |
845 | possible to this point. | |
5a203dac | 846 | |
5459fac6 | 847 | <tag>void <cf/bgp_atomic_aggr/ [O]</tag> This is an optional attribute |
5a203dac PM |
848 | which carries no value, but the sole presence of which indicates that the route |
849 | has been aggregated from multiple routes by some router on the path from | |
5459fac6 | 850 | the originator. |
5a203dac | 851 | |
5459fac6 MM |
852 | <!-- we don't handle aggregators right since they are of a very obscure type |
853 | <tag>bgp_aggregator</tag> | |
854 | --> | |
855 | <tag>clist <cf/bgp_community/ [O]</tag> List of community values associated | |
856 | with the route. Each such value is a pair (represented as a <cf/pair/ data | |
5a203dac PM |
857 | type inside the filters) of 16-bit integers, the first of them containing the number of the AS which defines |
858 | the community and the second one being a per-AS identifier. There are lots | |
5459fac6 MM |
859 | of uses of the community mechanism, but generally they are used to carry |
860 | policy information like "don't export to USA peers". As each AS can define | |
326e33f5 | 861 | its own routing policy, it also has a complete freedom about which community |
5a203dac | 862 | attributes it defines and what will their semantics be. |
5459fac6 MM |
863 | </descrip> |
864 | ||
371adba6 | 865 | <sect1>Example |
56ab03c7 | 866 | |
5459fac6 MM |
867 | <p><code> |
868 | protocol bgp { | |
96264d4d PM |
869 | local as 65000; # Use a private AS number |
870 | neighbor 62.168.0.130 as 5588; # Our neighbor ... | |
871 | multihop 20 via 62.168.0.13; # ... which is connected indirectly | |
872 | export filter { # We use non-trivial export rules | |
873 | if source = RTS_STATIC then { # Export only static routes | |
a852c139 PM |
874 | # Assign our community |
875 | bgp_community.add((65000,5678)); | |
876 | # Artificially increase path length | |
5a203dac | 877 | # by advertising local AS number twice |
a852c139 PM |
878 | if bgp_path ~ / 65000 / then |
879 | bgp_path.prepend(65000); | |
5459fac6 MM |
880 | accept; |
881 | } | |
882 | reject; | |
883 | }; | |
884 | import all; | |
96264d4d | 885 | source address 62.168.0.1; # Use a non-standard source address |
5459fac6 MM |
886 | } |
887 | </code> | |
888 | ||
371adba6 | 889 | <sect>Device |
1b55b1a3 | 890 | |
5a203dac PM |
891 | <p>The Device protocol is not a real routing protocol. It doesn't generate |
892 | any routes and it only serves as a module for getting information about network | |
79a2b697 MM |
893 | interfaces from the kernel. |
894 | ||
0e694e04 | 895 | <p>Except for very unusual circumstances, you probably should include |
5a203dac PM |
896 | this protocol in the configuration since almost all other protocols |
897 | require network interfaces to be defined for them to work with. | |
79a2b697 | 898 | |
5459fac6 | 899 | <p>The only configurable thing is interface scan time: |
79a2b697 MM |
900 | |
901 | <p><descrip> | |
902 | <tag>scan time <m/number/</tag> Time in seconds between two scans | |
903 | of the network interface list. On systems where we are notified about | |
904 | interface status changes asynchronously (such as newer versions of | |
5a203dac PM |
905 | Linux), we need to scan the list only in order to avoid confusion by lost |
906 | notification messages, so the default time is set to a large value. | |
79a2b697 MM |
907 | </descrip> |
908 | ||
79a2b697 | 909 | <p>As the Device protocol doesn't generate any routes, it cannot have |
4f88ac47 | 910 | any attributes. Example configuration looks really simple: |
79a2b697 MM |
911 | |
912 | <p><code> | |
913 | protocol device { | |
914 | scan time 10; # Scan the interfaces often | |
915 | } | |
916 | </code> | |
917 | ||
371adba6 | 918 | <sect>Direct |
1b55b1a3 | 919 | |
79a2b697 MM |
920 | <p>The Direct protocol is a simple generator of device routes for all the |
921 | directly connected networks according to the list of interfaces provided | |
922 | by the kernel via the Device protocol. | |
923 | ||
924 | <p>It's highly recommended to include this protocol in your configuration | |
925 | unless you want to use BIRD as a route server or a route reflector, that is | |
5a203dac | 926 | on a machine which doesn't forward packets itself and only participates in |
79a2b697 MM |
927 | distribution of routing information. |
928 | ||
5a203dac | 929 | <p>The only configurable thing about direct is what interfaces it watches: |
79a2b697 MM |
930 | |
931 | <p><descrip> | |
0e694e04 | 932 | <tag>interface <m/pattern [, ...]/</tag> By default, the Direct |
79a2b697 MM |
933 | protocol will generate device routes for all the interfaces |
934 | available. If you want to restrict it to some subset of interfaces | |
935 | (for example if you're using multiple routing tables for policy | |
936 | routing and some of the policy domains don't contain all interfaces), | |
937 | just use this clause. | |
938 | </descrip> | |
939 | ||
79a2b697 MM |
940 | <p>Direct device routes don't contain any specific attributes. |
941 | ||
4f88ac47 | 942 | <p>Example config might look like this: |
79a2b697 MM |
943 | |
944 | <p><code> | |
945 | protocol direct { | |
946 | interface "-arc*", "*"; # Exclude the ARCnets | |
947 | } | |
948 | </code> | |
949 | ||
371adba6 | 950 | <sect>Kernel |
1b55b1a3 | 951 | |
0e4789c2 | 952 | <p>The Kernel protocol is not a real routing protocol. Instead of communicating |
5a203dac PM |
953 | the with other routers in the network, it performs synchronization of BIRD's routing |
954 | tables with the OS kernel. Basically, it sends all routing table updates to the kernel | |
0e4789c2 MM |
955 | and from time to time it scans the kernel tables to see whether some routes have |
956 | disappeared (for example due to unnoticed up/down transition of an interface) | |
f8e2d916 | 957 | or whether an `alien' route has been added by someone else (depending on the |
5a203dac | 958 | <cf/learn/ switch, such routes are either deleted or accepted to our |
f8e2d916 | 959 | table). |
0e4789c2 MM |
960 | |
961 | <p>If your OS supports only a single routing table, you can configure only one | |
962 | instance of the Kernel protocol. If it supports multiple tables (in order to | |
5a203dac | 963 | allow policy routing; such an OS is for example Linux 2.2), you can run as many instances as you want, but each of |
0e4789c2 MM |
964 | them must be connected to a different BIRD routing table and to a different |
965 | kernel table. | |
966 | ||
371adba6 | 967 | <sect1>Configuration |
0e4789c2 MM |
968 | |
969 | <p><descrip> | |
970 | <tag>persist <m/switch/</tag> Tell BIRD to leave all its routes in the | |
326e33f5 | 971 | routing tables when it exits (instead of cleaning them up). |
5a203dac | 972 | <tag>scan time <m/number/</tag> Time in seconds between two consecutive scans of the |
0e4789c2 MM |
973 | kernel routing table. |
974 | <tag>learn <m/switch/</tag> Enable learning of routes added to the kernel | |
975 | routing tables by other routing daemons or by the system administrator. | |
976 | This is possible only on systems which support identification of route | |
977 | authorship. | |
978 | <tag>kernel table <m/number/</tag> Select which kernel table should | |
979 | this particular instance of the Kernel protocol work with. Available | |
980 | only on systems supporting multiple routing tables. | |
981 | </descrip> | |
982 | ||
5a203dac | 983 | <p>The Kernel protocol doesn't define any route attributes. |
326e33f5 | 984 | <p>A simple configuration can look this way: |
0e4789c2 MM |
985 | |
986 | <p><code> | |
987 | protocol kernel { | |
988 | import all; | |
989 | export all; | |
990 | } | |
991 | </code> | |
992 | ||
993 | <p>Or for a system with two routing tables: | |
994 | ||
995 | <p><code> | |
996 | protocol kernel { # Primary routing table | |
997 | learn; # Learn alien routes from the kernel | |
998 | persist; # Don't remove routes on bird shutdown | |
999 | scan time 10; # Scan kernel routing table every 10 seconds | |
1000 | import all; | |
1001 | export all; | |
1002 | } | |
1003 | ||
1004 | protocol kernel { # Secondary routing table | |
1005 | table auxtable; | |
1006 | kernel table 100; | |
1007 | export all; | |
a2a3ced8 | 1008 | } |
0e4789c2 MM |
1009 | </code> |
1010 | ||
371adba6 | 1011 | <sect>OSPF |
1b55b1a3 | 1012 | |
8fd12e6b OF |
1013 | <sect1>Introduction |
1014 | ||
3ca3e999 | 1015 | <p>Open Shortest Path First (OSPF) is a quite complex interior gateway |
f735de02 OF |
1016 | protocol. The current IPv4 version (OSPFv2) is defined |
1017 | in RFC 2328<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc2328.txt">. It's a link | |
1632f1fe | 1018 | state (a.k.a. shortest path first) protocol -- each router maintains a database |
3ca3e999 MM |
1019 | describing the autonomous system's topology. Each participating router |
1020 | has an identical copy of the database and all routers run the same algorithm | |
1021 | calculating a shortest path tree with themselves as a root. | |
4e8ec666 | 1022 | OSPF chooses the least cost path as the best path. |
3b16080c | 1023 | (OSPFv3 - OSPF for IPv6 is not supported yet.) |
3ca3e999 MM |
1024 | |
1025 | <p>In OSPF, the autonomous system can be split to several areas in order | |
1026 | to reduce the amount of resources consumed for exchanging the routing | |
1027 | information and to protect the other areas from incorrect routing data. | |
1028 | Topology of the area is hidden to the rest of the autonomous system. | |
3ca3e999 MM |
1029 | |
1030 | <p>Another very important feature of OSPF is that | |
1031 | it can keep routing information from other protocols (like Static or BGP) | |
1032 | in its link state database as external routes. Each external route can | |
1632f1fe | 1033 | be tagged by the advertising router, making it possible to pass additional |
3ca3e999 MM |
1034 | information between routers on the boundary of the autonomous system. |
1035 | ||
1036 | <p>OSPF quickly detects topological changes in the autonomous system (such | |
1632f1fe | 1037 | as router interface failures) and calculates new loop-free routes after a short |
f02e4258 | 1038 | period of convergence. Only a minimal amount of |
1632f1fe | 1039 | routing traffic is involved. |
8fd12e6b | 1040 | |
3ca3e999 MM |
1041 | <p>Each router participating in OSPF routing periodically sends Hello messages |
1042 | to all its interfaces. This allows neighbors to be discovered dynamically. | |
1043 | Then the neighbors exchange theirs parts of the link state database and keep it | |
1044 | identical by flooding updates. The flooding process is reliable and ensures | |
1045 | that each router detects all changes. | |
8fd12e6b OF |
1046 | |
1047 | <sect1>Configuration | |
1048 | ||
5a64ac70 OF |
1049 | <p>In the main part of configuration, there can be multiple definitions of |
1050 | OSPF area witch different id included. These definitions includes many other | |
f02e4258 OF |
1051 | switches and multiple definitions of interfaces. Definition of interface |
1052 | may contain many switches and constant definitions and list of neighbors | |
5a64ac70 | 1053 | on nonbroadcast networks. |
8fd12e6b OF |
1054 | |
1055 | <code> | |
088bc8ad | 1056 | protocol ospf <name> { |
1632f1fe | 1057 | rfc1583compat <switch>; |
62eee823 | 1058 | tick <num>; |
088bc8ad | 1059 | area <id> { |
b2bdb406 | 1060 | stub cost <num>; |
16319aeb OF |
1061 | networks { |
1062 | <prefix>; | |
1063 | <prefix> hidden; | |
1064 | } | |
3ca3e999 | 1065 | interface <interface pattern> |
8fd12e6b | 1066 | { |
088bc8ad | 1067 | cost <num>; |
e3bc10fd | 1068 | stub <switch>; |
088bc8ad | 1069 | hello <num>; |
a190e720 | 1070 | poll <num>; |
088bc8ad OF |
1071 | retransmit <num>; |
1072 | priority <num>; | |
1073 | wait <num>; | |
1074 | dead count <num>; | |
d8c7d9e8 | 1075 | dead <num>; |
94c42054 | 1076 | rx buffer [normal|large|<num>]; |
8fd12e6b | 1077 | type [broadcast|nonbroadcast|pointopoint]; |
a190e720 | 1078 | strict nonbroadcast <switch>; |
b21f68b4 | 1079 | authentication [none|simple|cryptographics]; |
088bc8ad | 1080 | password "<text>"; |
b21f68b4 OZ |
1081 | password "<text>" { |
1082 | id <num>; | |
1083 | generate from "<date>"; | |
1084 | generate to "<date>"; | |
1085 | accept from "<date>"; | |
1086 | accept to "<date>"; | |
ea357b8b | 1087 | }; |
8fd12e6b | 1088 | neighbors { |
088bc8ad | 1089 | <ip>; |
a190e720 | 1090 | <ip> eligible; |
8fd12e6b OF |
1091 | }; |
1092 | }; | |
98ac6176 OF |
1093 | virtual link <id> |
1094 | { | |
1095 | hello <num>; | |
98ac6176 OF |
1096 | retransmit <num>; |
1097 | wait <num>; | |
1098 | dead count <num>; | |
d8c7d9e8 | 1099 | dead <num>; |
98ac6176 OF |
1100 | authentication [none|simple]; |
1101 | password "<text>"; | |
1102 | }; | |
8fd12e6b OF |
1103 | }; |
1104 | } | |
1105 | </code> | |
1106 | ||
1107 | <descrip> | |
1632f1fe | 1108 | <tag>rfc1583compat <M>switch</M></tag> |
3ca3e999 | 1109 | This option controls compatibility of routing table |
8fd12e6b OF |
1110 | calculation with RFC 1583<htmlurl |
1111 | url="ftp://ftp.rfc-editor.org/in-notes/rfc1583.txt">. Default | |
1112 | value is no. | |
1113 | ||
1114 | <tag>area <M>id</M></tag> | |
3ca3e999 MM |
1115 | This defines an OSPF area with given area ID (an integer or an IPv4 |
1116 | address, similarly to a router ID). | |
1117 | The most important area is | |
1118 | the backbone (ID 0) to which every other area must be connected. | |
8fd12e6b | 1119 | |
b2bdb406 OF |
1120 | <tag>stub cost <M>num</M></tag> |
1121 | No external (except default) routes are flooded into stub areas. | |
1122 | Setting this value marks area stub with defined cost of default route. | |
1123 | Default value is no. (Area is not stub.) | |
8fd12e6b OF |
1124 | |
1125 | <tag>tick <M>num</M></tag> | |
3b16080c | 1126 | The routing table calculation and clean-up of areas' databases |
62eee823 | 1127 | is not performed when a single link state |
3ca3e999 | 1128 | change arrives. To lower the CPU utilization, it's processed later |
62eee823 | 1129 | at periodical intervals of <m/num/ seconds. The default value is 1. |
8fd12e6b | 1130 | |
16319aeb OF |
1131 | <tag>networks { <m/set/ }</tag> |
1132 | Definition of area IP ranges. This is used in summary lsa origination. | |
1133 | Hidden networks are not propagated into other areas. | |
1134 | ||
3ca3e999 MM |
1135 | <tag>interface <M>pattern</M></tag> |
1136 | Defines that the specified interfaces belong to the area being defined. | |
8fd12e6b | 1137 | |
98ac6176 | 1138 | <tag>virtual link <M>id</M></tag> |
3b16080c OF |
1139 | Virtual link to router with the router id. Virtual link acts as a |
1140 | point-to-point interface belonging to backbone. The actual area is | |
1141 | used as transport area. This item cannot be in the backbone. | |
98ac6176 | 1142 | |
8fd12e6b | 1143 | <tag>cost <M>num</M></tag> |
3ca3e999 | 1144 | Specifies output cost (metric) of an interface. Default value is 10. |
8fd12e6b | 1145 | |
e3bc10fd OF |
1146 | <tag>stub <M>switch</M></tag> |
1147 | If set to interface it does not listen to any packet and does not send | |
1148 | any hello. Default value is no. | |
1149 | ||
8fd12e6b | 1150 | <tag>hello <M>num</M></tag> |
3ca3e999 MM |
1151 | Specifies interval in seconds between sending of Hello messages. Beware, all |
1152 | routers on the same network need to have the same hello interval. | |
8fd12e6b OF |
1153 | Default value is 10. |
1154 | ||
a190e720 OF |
1155 | <tag>poll <M>num</M></tag> |
1156 | Specifies interval in seconds between sending of Hello messages for | |
f02e4258 | 1157 | some neighbors on NBMA network. Default value is 20. |
a190e720 | 1158 | |
8fd12e6b | 1159 | <tag>retransmit <M>num</M></tag> |
4e8ec666 | 1160 | Specifies interval in seconds between retransmissions of unacknowledged updates. |
8fd12e6b OF |
1161 | Default value is 5. |
1162 | ||
1163 | <tag>priority <M>num</M></tag> | |
3ca3e999 MM |
1164 | On every multiple access network (e.g., the Ethernet) Designed Router |
1165 | and Backup Designed router are elected. These routers have some | |
1166 | special functions in the flooding process. Higher priority increases | |
1167 | preferences in this election. Routers with priority 0 are not | |
8fd12e6b OF |
1168 | eligible. Default value is 1. |
1169 | ||
1170 | <tag>wait <M>num</M></tag> | |
3ca3e999 | 1171 | After start, router waits for the specified number of seconds between starting |
8fd12e6b OF |
1172 | election and building adjacency. Default value is 40. |
1173 | ||
1174 | <tag>dead count <M>num</M></tag> | |
3ca3e999 MM |
1175 | When the router does not receive any messages from a neighbor in |
1176 | <m/dead count/*<m/hello/ seconds, it will consider the neighbor down. | |
8fd12e6b | 1177 | |
d8c7d9e8 OF |
1178 | <tag>dead <M>num</M></tag> |
1179 | When the router does not receive any messages from a neighbor in | |
1180 | <m/dead/ seconds, it will consider the neighbor down. If both directives | |
1181 | <m/dead count/ and <m/dead/ are used, <m/dead/ has precendence. | |
1182 | ||
94c42054 OF |
1183 | <tag>rx buffer <M>num</M></tag> |
1184 | This sets the size of buffer used for receiving packets. The buffer should | |
1185 | be bigger than maximal size of any packets. Value NORMAL (default) | |
1186 | means 2*MTU, value LARGE means maximal allowed packet - 65536. | |
1187 | ||
3ca3e999 MM |
1188 | <tag>type broadcast</tag> |
1189 | BIRD detects a type of a connected network automatically, but sometimes it's | |
1190 | convenient to force use of a different type manually. | |
16319aeb OF |
1191 | On broadcast networks, flooding and Hello messages are sent using multicasts |
1192 | (a single packet for all the neighbors). | |
8fd12e6b | 1193 | |
e3bc10fd OF |
1194 | <tag>type pointopoint</tag> |
1195 | Point-to-point networks connect just 2 routers together. No election | |
1196 | is performed there which reduces the number of messages sent. | |
1197 | ||
3ca3e999 MM |
1198 | <tag>type nonbroadcast</tag> |
1199 | On nonbroadcast networks, the packets are sent to each neighbor | |
1200 | separately because of lack of multicast capabilities. | |
8fd12e6b | 1201 | |
e3bc10fd OF |
1202 | <tag>strict nonbroadcast <M>switch</M></tag> |
1203 | If set, don't send hello to any undefined neighbor. This switch | |
1204 | is ignored on on any non-NBMA network. Default is No. | |
8fd12e6b | 1205 | |
4e8ec666 | 1206 | <tag>authentication none</tag> |
3ca3e999 | 1207 | No passwords are sent in OSPF packets. This is the default value. |
8fd12e6b | 1208 | |
4e8ec666 | 1209 | <tag>authentication simple</tag> |
3ca3e999 | 1210 | Every packet carries 8 bytes of password. Received packets |
4e8ec666 | 1211 | lacking this password are ignored. This authentication mechanism is |
8fd12e6b OF |
1212 | very weak. |
1213 | ||
ea357b8b | 1214 | <tag>authentication cryptographic</tag> |
b21f68b4 | 1215 | 16-byte long MD5 digest is appended to every packet. For the digest |
ea357b8b OF |
1216 | generation 16-byte long passwords are used. Those passwords are |
1217 | not sent via network, so this mechanismus is quite secure. | |
1218 | Packets can still be read by an attacker. | |
1219 | ||
5a203dac | 1220 | <tag>password "<M>text</M>"</tag> |
ea357b8b OF |
1221 | An 8-byte or 16-byte password used for authentication. |
1222 | ||
1223 | <tag>id <M>num</M></tag> | |
1224 | ID of the password, (0-255). If it's not used, BIRD will choose | |
b21f68b4 OZ |
1225 | ID based on an order of the password item in the interface. For |
1226 | example, second password item in one interface will have default | |
1227 | ID 2. | |
ea357b8b OF |
1228 | |
1229 | <tag>generate from <M>date</M></tag> | |
1230 | The start time of the usage of the password for packet signing. | |
1231 | ||
1232 | <tag>generate to <M>date</M></tag> | |
1233 | The last time of the usage of the password for packet signing. | |
1234 | ||
1235 | <tag>accept from <M>date</M></tag> | |
1236 | The start time of the usage of the password for packet verification. | |
1237 | ||
1238 | <tag>accept to <M>date</M></tag> | |
1239 | The last time of the usage of the password for packet verification. | |
8fd12e6b | 1240 | |
5a203dac | 1241 | <tag>neighbors { <m/set/ } </tag> |
3ca3e999 | 1242 | A set of neighbors to which Hello messages on nonbroadcast networks |
a190e720 OF |
1243 | are to be sent. Some of them could be marked as eligible. |
1244 | ||
8fd12e6b OF |
1245 | </descrip> |
1246 | ||
1247 | <sect1>Attributes | |
1248 | ||
f06a219a OF |
1249 | <p>OSPF defines three route attributes. Each internal route has a <cf/metric/ |
1250 | Metric is ranging from 1 to infinity (65535). | |
1251 | External routes use <cf/metric type 1/ or <cf/metric type 2/. | |
1252 | A <cf/metric of type 1/ is comparable with internal <cf/metric/, a | |
1253 | <cf/metric of type 2/ is always longer | |
1254 | than any <cf/metric of type 1/ or any <cf/internal metric/. | |
94e2bbcc | 1255 | If you specify both metrics only metric1 is used. |
f06a219a OF |
1256 | Each external route can also carry a <cf/tag/ which is a 32-bit |
1257 | integer which is used when exporting routes to other protocols; | |
1258 | otherwise, it doesn't affect routing inside the OSPF domain at all. | |
94e2bbcc | 1259 | Default is <cf/metric of type 2 = 10000/ and <cf/tag = 0/. |
8fd12e6b OF |
1260 | |
1261 | <sect1>Example | |
1262 | ||
1263 | <p> | |
1264 | ||
1265 | <code> | |
1266 | protocol ospf MyOSPF { | |
3b16080c OF |
1267 | rfc1583compatibility yes; |
1268 | tick 2; | |
76c7efec OF |
1269 | export filter { |
1270 | if source = RTS_BGP then { | |
1271 | ospf_metric1 = 100; | |
1272 | accept; | |
1273 | } | |
98ac6176 | 1274 | reject; |
76c7efec | 1275 | }; |
8fd12e6b | 1276 | area 0.0.0.0 { |
8fd12e6b OF |
1277 | interface "eth*" { |
1278 | cost 11; | |
1279 | hello 15; | |
1280 | priority 100; | |
1281 | retransmit 7; | |
1282 | authentication simple; | |
1283 | password "aaa"; | |
1284 | }; | |
1285 | interface "ppp*" { | |
1286 | cost 100; | |
3b16080c OF |
1287 | authentication cryptographic; |
1288 | passwords { | |
1289 | password "abc" { | |
1290 | id 1; | |
f735de02 OF |
1291 | generate to "22-04-2003 11:00:06"; |
1292 | accept from "17-01-2001 12:01:05"; | |
3b16080c OF |
1293 | }; |
1294 | password "def" { | |
1295 | id 2; | |
f735de02 OF |
1296 | generate to "22-07-2005 17:03:21"; |
1297 | accept from "22-02-2001 11:34:06"; | |
3b16080c OF |
1298 | }; |
1299 | }; | |
8fd12e6b | 1300 | }; |
e3bc10fd OF |
1301 | interface "arc0" { |
1302 | cost 10; | |
1303 | stub yes; | |
1304 | }; | |
3b16080c | 1305 | interface "arc1"; |
8fd12e6b OF |
1306 | }; |
1307 | area 120 { | |
1308 | stub yes; | |
98ac6176 OF |
1309 | networks { |
1310 | 172.16.1.0/24; | |
1311 | 172.16.2.0/24 hidden; | |
1312 | } | |
8fd12e6b OF |
1313 | interface "-arc0" , "arc*" { |
1314 | type nonbroadcast; | |
1315 | authentication none; | |
e3bc10fd | 1316 | strict nonbroadcast yes; |
a190e720 OF |
1317 | wait 120; |
1318 | poll 40; | |
1319 | dead count 8; | |
8fd12e6b | 1320 | neighbors { |
a190e720 | 1321 | 192.168.120.1 eligible; |
8fd12e6b OF |
1322 | 192.168.120.2; |
1323 | 192.168.120.10; | |
1324 | }; | |
1325 | }; | |
1326 | }; | |
1327 | } | |
1328 | </code> | |
1329 | ||
371adba6 | 1330 | <sect>Pipe |
1b55b1a3 | 1331 | |
371adba6 | 1332 | <sect1>Introduction |
a2a3ced8 MM |
1333 | |
1334 | <p>The Pipe protocol serves as a link between two routing tables, allowing routes to be | |
5a203dac | 1335 | passed from a table declared as primary (i.e., the one the pipe is connected to using the |
a2a3ced8 MM |
1336 | <cf/table/ configuration keyword) to the secondary one (declared using <cf/peer table/) |
1337 | and vice versa, depending on what's allowed by the filters. Export filters control export | |
1338 | of routes from the primary table to the secondary one, import filters control the opposite | |
1339 | direction. | |
1340 | ||
5a203dac | 1341 | <p>The primary use of multiple routing tables and the Pipe protocol is for policy routing, |
a2a3ced8 MM |
1342 | where handling of a single packet doesn't depend only on its destination address, but also |
1343 | on its source address, source interface, protocol type and other similar parameters. | |
5a203dac | 1344 | In many systems (Linux 2.2 being a good example), the kernel allows to enforce routing policies |
a2a3ced8 MM |
1345 | by defining routing rules which choose one of several routing tables to be used for a packet |
1346 | according to its parameters. Setting of these rules is outside the scope of BIRD's work | |
5a203dac | 1347 | (on Linux, you can use the <tt/ip/ command), but you can create several routing tables in BIRD, |
a2a3ced8 | 1348 | connect them to the kernel ones, use filters to control which routes appear in which tables |
5a203dac | 1349 | and also you can employ the Pipe protocol for exporting a selected subset of one table to |
a2a3ced8 MM |
1350 | another one. |
1351 | ||
371adba6 | 1352 | <sect1>Configuration |
a2a3ced8 MM |
1353 | |
1354 | <p><descrip> | |
1355 | <tag>peer table <m/table/</tag> Define secondary routing table to connect to. The | |
1356 | primary one is selected by the <cf/table/ keyword. | |
1357 | </descrip> | |
1358 | ||
371adba6 | 1359 | <sect1>Attributes |
a2a3ced8 MM |
1360 | |
1361 | <p>The Pipe protocol doesn't define any route attributes. | |
1362 | ||
371adba6 | 1363 | <sect1>Example |
a2a3ced8 MM |
1364 | |
1365 | <p>Let's consider a router which serves as a boundary router of two different autonomous | |
1366 | systems, each of them connected to a subset of interfaces of the router, having its own | |
1367 | exterior connectivity and wishing to use the other AS as a backup connectivity in case | |
1368 | of outage of its own exterior line. | |
1369 | ||
1370 | <p>Probably the simplest solution to this situation is to use two routing tables (we'll | |
1371 | call them <cf/as1/ and <cf/as2/) and set up kernel routing rules, so that packets having | |
1372 | arrived from interfaces belonging to the first AS will be routed according to <cf/as1/ | |
1373 | and similarly for the second AS. Thus we have split our router to two logical routers, | |
1374 | each one acting on its own routing table, having its own routing protocols on its own | |
1375 | interfaces. In order to use the other AS's routes for backup purposes, we can pass | |
1376 | the routes between the tables through a Pipe protocol while decreasing their preferences | |
5a203dac | 1377 | and correcting their BGP paths to reflect the AS boundary crossing. |
a2a3ced8 MM |
1378 | |
1379 | <code> | |
1380 | table as1; # Define the tables | |
1381 | table as2; | |
1382 | ||
1383 | protocol kernel kern1 { # Synchronize them with the kernel | |
1384 | table as1; | |
1385 | kernel table 1; | |
1386 | } | |
1387 | ||
1388 | protocol kernel kern2 { | |
1389 | table as2; | |
1390 | kernel table 2; | |
1391 | } | |
1392 | ||
1393 | protocol bgp bgp1 { # The outside connections | |
1394 | table as1; | |
1395 | local as 1; | |
1396 | neighbor 192.168.0.1 as 1001; | |
1397 | export all; | |
1398 | import all; | |
1399 | } | |
1400 | ||
1401 | protocol bgp bgp2 { | |
1402 | table as2; | |
1403 | local as 2; | |
1404 | neighbor 10.0.0.1 as 1002; | |
1405 | export all; | |
1406 | import all; | |
1407 | } | |
1408 | ||
1409 | protocol pipe { # The Pipe | |
1410 | table as1; | |
1411 | peer table as2; | |
1412 | export filter { | |
1413 | if net ~ [ 1.0.0.0/8+] then { # Only AS1 networks | |
1414 | if preference>10 then preference = preference-10; | |
1415 | if source=RTS_BGP then bgp_path.prepend(1); | |
1416 | accept; | |
1417 | } | |
1418 | reject; | |
1419 | }; | |
1420 | import filter { | |
1421 | if net ~ [ 2.0.0.0/8+] then { # Only AS2 networks | |
1422 | if preference>10 then preference = preference-10; | |
1423 | if source=RTS_BGP then bgp_path.prepend(2); | |
1424 | accept; | |
1425 | } | |
1426 | reject; | |
1427 | }; | |
1428 | } | |
1429 | </code> | |
1430 | ||
1532a244 | 1431 | <sect>RIP |
d37f899b | 1432 | |
371adba6 | 1433 | <sect1>Introduction |
d37f899b | 1434 | |
1532a244 PM |
1435 | <p>The RIP protocol (also sometimes called Rest In Pieces) is a simple protocol, where each router broadcasts (to all its neighbors) |
1436 | distances to all networks it can reach. When a router hears distance to another network, it increments | |
d37f899b | 1437 | it and broadcasts it back. Broadcasts are done in regular intervals. Therefore, if some network goes |
1532a244 PM |
1438 | unreachable, routers keep telling each other that its distance is the original distance plus 1 (actually, plus |
1439 | interface metric, which is usually one). After some time, the distance reaches infinity (that's 15 in | |
1440 | RIP) and all routers know that network is unreachable. RIP tries to minimize situations where | |
a7c9f7c0 | 1441 | counting to infinity is necessary, because it is slow. Due to infinity being 16, you can't use |
a4601845 | 1442 | RIP on networks where maximal distance is higher than 15 hosts. You can read more about RIP at <HTMLURL |
074a166d | 1443 | URL="http://www.ietf.org/html.charters/rip-charter.html" name="http://www.ietf.org/html.charters/rip-charter.html">. Both IPv4 |
64722c98 | 1444 | (RFC 1723<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc1723.txt">) |
074a166d | 1445 | and IPv6 (RFC 2080<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc2080.txt">) versions of RIP are supported by BIRD, historical RIPv1 (RFC 1058<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc1058.txt">)is |
b21f68b4 | 1446 | not currently supported. RIPv4 MD5 authentication (RFC 2082<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc2082.txt">) is supported. |
440439e3 | 1447 | |
1532a244 PM |
1448 | <p>RIP is a very simple protocol, and it has a lot of shortcomings. Slow |
1449 | convergence, big network load and inability to handle larger networks | |
440439e3 | 1450 | makes it pretty much obsolete in IPv4 world. (It is still usable on |
1532a244 PM |
1451 | very small networks.) It is widely used in IPv6 networks, |
1452 | because there are no good implementations of OSPFv3. | |
d37f899b | 1453 | |
371adba6 | 1454 | <sect1>Configuration |
d37f899b | 1455 | |
1532a244 | 1456 | <p>In addition to options common for all to other protocols, RIP supports the following ones: |
d37f899b PM |
1457 | |
1458 | <descrip> | |
30c34a10 OF |
1459 | <tag/authentication none|plaintext|md5/ selects authentication method to be used. <cf/none/ means that |
1460 | packets are not authenticated at all, <cf/plaintext/ means that a plaintext password is embedded | |
b21f68b4 | 1461 | into each packet, and <cf/md5/ means that packets are authenticated using a MD5 cryptographic |
1532a244 | 1462 | hash. If you set authentication to not-none, it is a good idea to add <cf>passwords { }</cf> |
5a203dac | 1463 | section. Default: none. |
7581b81b | 1464 | |
1532a244 PM |
1465 | <tag>honor always|neighbor|never </tag>specifies when should requests for dumping routing table |
1466 | be honored. (Always, when sent from a host on a directly connected | |
1467 | network or never.) Routing table updates are honored only from | |
5a203dac | 1468 | neighbors, that is not configurable. Default: never. |
d37f899b PM |
1469 | </descrip> |
1470 | ||
1471 | <p>There are two options that can be specified per-interface. First is <cf>metric</cf>, with | |
7581b81b | 1472 | default one. Second is <cf>mode multicast|broadcast|quiet|nolisten|version1</cf>, it selects mode for |
1b55b1a3 | 1473 | rip to work in. If nothing is specified, rip runs in multicast mode. <cf>version1</cf> is |
1532a244 PM |
1474 | currently equivalent to <cf>broadcast</cf>, and it makes RIP talk to a broadcast address even |
1475 | through multicast mode is possible. <cf>quiet</cf> option means that RIP will not transmit | |
1476 | any periodic messages to this interface and <cf>nolisten</cf> means that RIP will send to this | |
1477 | interface but not listen to it. | |
d37f899b | 1478 | |
1532a244 PM |
1479 | <p>The following options generally override behavior specified in RFC. If you use any of these |
1480 | options, BIRD will no longer be RFC-compliant, which means it will not be able to talk to anything | |
1481 | other than equally configured BIRD. I have warned you. | |
d37f899b PM |
1482 | |
1483 | <descrip> | |
0e7a720a | 1484 | <tag>port <M>number</M></tag> |
d150c637 | 1485 | selects IP port to operate on, default 520. (This is useful when testing BIRD, if you |
1532a244 | 1486 | set this to an address >1024, you will not need to run bird with UID==0). |
d37f899b | 1487 | |
0e7a720a | 1488 | <tag>infinity <M>number</M></tag> |
1532a244 | 1489 | selects the value of infinity, default is 16. Bigger values will make protocol convergence |
d37f899b PM |
1490 | even slower. |
1491 | ||
0e7a720a | 1492 | <tag>period <M>number</M> |
1532a244 | 1493 | </tag>specifies the number of seconds between periodic updates. Default is 30 seconds. A lower |
326e33f5 PM |
1494 | number will mean faster convergence but bigger network |
1495 | load. Do not use values lower than 10. | |
d37f899b | 1496 | |
f3b33928 | 1497 | <tag>timeout time <M>number</M> |
1532a244 | 1498 | </tag>specifies how old route has to be to be considered unreachable. Default is 4*<cf/period/. |
d37f899b | 1499 | |
f3b33928 | 1500 | <tag>garbage time <M>number</M> |
1532a244 | 1501 | </tag>specifies how old route has to be to be discarded. Default is 10*<cf/period/. |
d37f899b PM |
1502 | </descrip> |
1503 | ||
371adba6 | 1504 | <sect1>Attributes |
d37f899b | 1505 | |
1b55b1a3 MM |
1506 | <p>RIP defines two route attributes: |
1507 | ||
1508 | <descrip> | |
1509 | <tag>int <cf/rip_metric/</tag> RIP metric of the route (ranging from 0 to <cf/infinity/). | |
1510 | When routes from different RIP instances are available and all of them have the same | |
1511 | preference, BIRD prefers the route with lowest <cf/rip_metric/. | |
5a203dac | 1512 | When importing a non-RIP route, the metric defaults to 5. |
1b55b1a3 MM |
1513 | |
1514 | <tag>int <cf/rip_tag/</tag> RIP route tag: a 16-bit number which can be used | |
1515 | to carry additional information with the route (for example, an originating AS number | |
5a203dac | 1516 | in case of external routes). When importing a non-RIP route, the tag defaults to 0. |
1b55b1a3 MM |
1517 | </descrip> |
1518 | ||
371adba6 | 1519 | <sect1>Example |
1b55b1a3 MM |
1520 | |
1521 | <p><code> | |
d37f899b PM |
1522 | protocol rip MyRIP_test { |
1523 | debug all; | |
1524 | port 1520; | |
326e33f5 PM |
1525 | period 10; |
1526 | garbage time 60; | |
22080a86 PM |
1527 | interface "eth0" { metric 3; mode multicast; } |
1528 | "eth1" { metric 2; mode broadcast; }; | |
326e33f5 | 1529 | honor neighbor; |
d37f899b PM |
1530 | authentication none; |
1531 | import filter { print "importing"; accept; }; | |
1532 | export filter { print "exporting"; accept; }; | |
1533 | } | |
a0dd1c74 | 1534 | </code> |
d37f899b | 1535 | |
371adba6 | 1536 | <sect>Static |
1b55b1a3 | 1537 | |
0e4789c2 | 1538 | <p>The Static protocol doesn't communicate with other routers in the network, |
f8e2d916 | 1539 | but instead it allows you to define routes manually. This is often used for |
79a2b697 MM |
1540 | specifying how to forward packets to parts of the network which don't use |
1541 | dynamic routing at all and also for defining sink routes (i.e., those | |
1542 | telling to return packets as undeliverable if they are in your IP block, | |
1543 | you don't have any specific destination for them and you don't want to send | |
1544 | them out through the default route to prevent routing loops). | |
1545 | ||
1546 | <p>There are three types of static routes: `classical' routes telling to | |
1547 | forward packets to a neighboring router, device routes specifying forwarding | |
1548 | to hosts on a directly connected network and special routes (sink, blackhole | |
1549 | etc.) which specify a special action to be done instead of forwarding the | |
1550 | packet. | |
1551 | ||
1552 | <p>When the particular destination is not available (the interface is down or | |
1553 | the next hop of the route is not a neighbor at the moment), Static just | |
326e33f5 | 1554 | uninstalls the route from the table it is connected to and adds it again as soon |
a00c7a18 | 1555 | as the destination becomes adjacent again. |
79a2b697 | 1556 | |
79a2b697 | 1557 | <p>The Static protocol has no configuration options. Instead, the |
326e33f5 | 1558 | definition of the protocol contains a list of static routes: |
79a2b697 MM |
1559 | |
1560 | <descrip> | |
1561 | <tag>route <m/prefix/ via <m/ip/</tag> Static route through | |
1562 | a neighboring router. | |
1563 | <tag>route <m/prefix/ via <m/"interface"/</tag> Static device | |
1564 | route through an interface to hosts on a directly connected network. | |
1565 | <tag>route <m/prefix/ drop|reject|prohibit</tag> Special routes | |
1566 | specifying to drop the packet, return it as unreachable or return | |
1567 | it as administratively prohibited. | |
1568 | </descrip> | |
1569 | ||
79a2b697 MM |
1570 | <p>Static routes have no specific attributes. |
1571 | ||
4f88ac47 | 1572 | <p>Example static config might look like this: |
79a2b697 MM |
1573 | |
1574 | <p><code> | |
1575 | protocol static { | |
96264d4d PM |
1576 | table testable; # Connect to a non-default routing table |
1577 | route 0.0.0.0/0 via 62.168.0.13; # Default route | |
1578 | route 62.168.0.0/25 reject; # Sink route | |
1579 | route 10.2.0.0/24 via "arc0"; # Secondary network | |
79a2b697 MM |
1580 | } |
1581 | </code> | |
1582 | ||
96264d4d PM |
1583 | <chapt>Conclusions |
1584 | ||
1585 | <sect>Future work | |
1586 | ||
1587 | <p>Although BIRD supports all the commonly used routing protocols, | |
1588 | there are still some features which would surely deserve to be | |
1589 | implemented in future versions of BIRD: | |
1590 | ||
1591 | <itemize> | |
1592 | <item>OSPF for IPv6 networks | |
1593 | <item>OSPF NSSA areas and opaque LSA's | |
1594 | <item>Route aggregation and flap dampening | |
1595 | <item>Generation of IPv6 router advertisements | |
1596 | <item>Multipath routes | |
1597 | <item>Multicast routing protocols | |
1598 | <item>Ports to other systems | |
1599 | </itemize> | |
1600 | ||
1601 | <sect>Getting more help | |
1602 | ||
1603 | <p>If you use BIRD, you're welcome to join the bird-users mailing list | |
1604 | (<HTMLURL URL="mailto:bird-users@bird.network.cz" name="bird-users@bird.network.cz">) | |
1605 | where you can share your experiences with the other users and consult | |
1606 | your problems with the authors. To subscribe to the list, just send a | |
1607 | <tt/subscribe bird-users/ command in a body of a mail to | |
1608 | (<HTMLURL URL="mailto:majordomo@bird.network.cz" name="majordomo@bird.network.cz">). | |
1609 | The home page of BIRD can be found at <HTMLURL URL="http://bird.network.cz/" name="http://bird.network.cz/">. | |
1610 | ||
1611 | <p>BIRD is a relatively young system and it probably contains some | |
1612 | bugs. You can report any problems to the bird-users list and the authors | |
1613 | will be glad to solve them, but before you do so, | |
1614 | please make sure you have read the available documentation and that you are running the latest version (available at <HTMLURL | |
1615 | URL="ftp://bird.network.cz/pub/bird" name="bird.network.cz:/pub/bird">). (Of course, a patch | |
1616 | which fixes the bug is always welcome as an attachment.) | |
1617 | ||
1618 | <p>If you want to understand what is going inside, Internet standards are | |
1619 | a good and interesting reading. You can get them from <HTMLURL URL="ftp://ftp.rfc-editor.org/" name="ftp.rfc-editor.org"> (or a nicely sorted version from <HTMLURL URL="ftp://atrey.karlin.mff.cuni.cz/pub/rfc" name="atrey.karlin.mff.cuni.cz:/pub/rfc">). | |
69477cad | 1620 | |
c184d9d0 | 1621 | <p><it/Good luck!/ |
69477cad | 1622 | |
371adba6 | 1623 | </book> |
7581b81b | 1624 | |
a0dd1c74 | 1625 | <!-- |
75317ab8 MM |
1626 | LocalWords: GPL IPv GateD BGPv RIPv OSPFv Linux sgml html dvi sgmltools Pavel |
1627 | LocalWords: linuxdoc dtd descrip config conf syslog stderr auth ospf bgp Mbps | |
5a203dac | 1628 | LocalWords: router's eval expr num birdc ctl UNIX if's enums bool int ip GCC |
75317ab8 MM |
1629 | LocalWords: len ipaddress pxlen netmask enum bgppath bgpmask clist gw md eth |
1630 | LocalWords: RTS printn quitbird iBGP AS'es eBGP RFC multiprotocol IGP Machek | |
4e8ec666 | 1631 | LocalWords: EGP misconfigurations keepalive pref aggr aggregator BIRD's RTC |
5a203dac | 1632 | LocalWords: OS'es AS's multicast nolisten misconfigured UID blackhole MRTD MTU |
4e8ec666 | 1633 | LocalWords: uninstalls ethernets IP binutils ANYCAST anycast dest RTD ICMP rfc |
5a203dac | 1634 | LocalWords: compat multicasts nonbroadcast pointopoint loopback sym stats |
64722c98 | 1635 | LocalWords: Perl SIGHUP dd mm yy HH MM SS EXT IA UNICAST multihop Discriminator txt |
5a203dac | 1636 | LocalWords: proto wildcard |
5a64ac70 | 1637 | --> |