]> git.ipfire.org Git - thirdparty/bird.git/blob - doc/bird.conf.example2
projects / thirdparty / bird.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Flowspec: Max tcp mask length is 12 bits
[thirdparty/bird.git] / doc / bird.conf.example2
1 /*
2 * This is an example configuration file for MB-BGP setting
3 */
4
5
6 log "bird.log" all;
7 # debug protocols all;
8
9 router id 192.168.1.1;
10
11 ipv4 table master4;
12 ipv6 table master6;
13
14 ipv4 table mcast4;
15 ipv6 table mcast6;
16
17 ipv4 table mtab4;
18 ipv6 table mtab6;
19
20 vpn4 table vpntab4;
21 vpn6 table vpntab6;
22
23 vpn4 table vpn4mc;
24 vpn6 table vpn6mc;
25
26 flow4 table flowtab4;
27 flow6 table flowtab6;
28
29
30 protocol device {
31 scan time 10;
32 }
33
34 protocol kernel kernel4 {
35 scan time 20;
36
37 ipv4 {
38 export all;
39 };
40 }
41
42 protocol kernel kernel6 {
43 scan time 20;
44
45 ipv6 {
46 export all;
47 };
48 }
49
50
51 protocol static static4 {
52 ipv4;
53
54 route 10.10.0.0/24 via 192.168.1.2;
55 route 10.10.1.0/24 via 192.168.1.2 { bgp_large_community.add((10,20,30)); bgp_large_community.add((10,(20*3),10)); };
56 }
57
58 protocol static static6 {
59 ipv6;
60
61 route 2001:db8:10:10::/64 via 2001:db8:1:1::10;
62 route 2001:db8:10:11::/64 via 2001:db8:1:1::10;
63
64 route 2001:db8:1:1::/64 via fe80::ec9b:67ff:fe60:fd5d % ve1;
65 }
66
67 # VPNv4 routes with MPLS labels
68 protocol static statvpn4 {
69 vpn4;
70
71 route 10:10 10.20.0.0/24 via 192.168.1.2 mpls 210;
72 route 10:10 10.20.1.0/24 via 192.168.1.2 mpls 210;
73 route 10:20 10.20.0.0/24 via 192.168.1.2 mpls 220;
74 route 10:20 10.20.1.0/24 via 192.168.1.2 mpls 220;
75 }
76
77 protocol static statvpn6 {
78 vpn6;
79
80 route 10:10 2001:db8:20:10::/64 via 2001:db8:1:1::10 mpls 200/210;
81 route 10:10 2001:db8:20:11::/64 via 2001:db8:1:1::10 mpls 200/210;
82 route 10:20 2001:db8:20:10::/64 via 2001:db8:1:1::10 mpls 200/220;
83 route 10:20 2001:db8:20:11::/64 via 2001:db8:1:1::10 mpls 200/220;
84 }
85
86 # RFC 5575 flow specification
87 protocol static flowstat4 {
88 flow4;
89
90 route flow4 {
91 dst 10.0.0.0/8;
92 proto = 23;
93 dport > 24 && < 30 || 40..50,60..70,80;
94 sport > 24 && < 30 || = 40 || 50,60..70,80;
95 icmp type 80;
96 icmp code 90;
97 tcp flags 0x03/0x0f;
98 length 2048..65535;
99 dscp = 63;
100 fragment dont_fragment, is_fragment || !first_fragment;
101 };
102
103 route flow4 {
104 dst 11.0.0.0/8;
105 proto = 0x12;
106 sport > 0x5678 && < 0x9abc || 0xdef0 || 0x1234,0x5678,0x9abc..0xdef0;
107 dport = 50;
108 tcp flags 0x000/0xf00;
109 };
110
111 route flow4 {
112 dst 12.0.0.0/32;
113 tcp flags ! 0/0x999;
114 };
115
116 route flow4 {
117 dst 220.0.254.0/24;
118 tcp flags 0x99/0x999;
119 };
120
121 route flow4 {
122 dst 220.0.254.192/28;
123 tcp flags ! 0xfff/0xfff;
124 };
125
126 route flow4 {
127 dst 15.0.0.0/8;
128 tcp flags ! 0x999/0x999;
129 };
130 }
131
132 protocol static flowstat6 {
133 flow6;
134
135 route flow6 {
136 dst fec0:1122:3344:5566::1/128;
137 src 0000:0000:0000:0001:1234:5678:9800:0000/101 offset 63;
138 next header = 23;
139 sport 24..30, 42 || 50,60,70..80;
140 dport = 50;
141 tcp flags 0x03/0x0f, !0/0xff || 0x33/0x33;
142 fragment !is_fragment || !first_fragment;
143 label 0xaaaa/0xaaaa && 0x33/0x33;
144 };
145
146 route flow6 {
147 dst fec0:1122:3344:5566::1/128;
148 src ::1:1234:5678:9800:0/101 offset 63;
149 next header = 23;
150 dport = 50;
151 sport > 24 && < 30 || = 40 || = 50 || = 60 || >= 70 && <= 80;
152 tcp flags 0x3/0x3 && 0x0/0xc;
153 };
154 }
155
156
157 protocol pipe {
158 table master4;
159 peer table mcast4;
160 import none;
161 export where source = RTS_OSPF;
162 }
163
164 protocol pipe {
165 table master6;
166 peer table mcast6;
167 import none;
168 export where source = RTS_OSPF;
169 }
170
171 protocol ospf2 ospf4 {
172 # ecmp;
173
174 ipv4 {
175 import all;
176 # export where source = RTS_STATIC;
177 };
178
179 area 0 {
180 interface "ve0" { stub; };
181 interface "ve1" { hello 5; type ptp; };
182 interface "ve2" { hello 5; type bcast; ttl security; };
183 interface "ve3" { hello 5; type bcast; ttl security; };
184 };
185 }
186
187
188 protocol ospf3 ospf6 {
189 # ecmp;
190
191 ipv6 {
192 import all;
193 # export where source = RTS_STATIC;
194 };
195
196 area 0 {
197 interface "ve0" { stub; };
198 interface "ve1" { hello 5; type ptp; };
199 interface "ve2" { hello 5; type bcast; };
200 };
201 }
202
203 protocol bgp {
204 local 192.168.11.1 as 1000;
205 neighbor 192.168.11.2 as 2000;
206 # local 192.168.1.1 as 1000;
207 # neighbor 192.168.2.1 as 2000;
208 # multihop;
209 # rr client;
210 # strict bind;
211 # debug all;
212
213 # regular IPv4 unicast (1/1)
214 ipv4 {
215 # connects to master4 table by default
216 import all;
217 export where source ~ [ RTS_STATIC, RTS_BGP ];
218 };
219
220 # regular IPv6 unicast (2/1)
221 ipv6 {
222 # connects to master6 table by default
223 import all;
224 export where source ~ [ RTS_STATIC, RTS_BGP ];
225 # next hop address 2001:db8:1:1::1;
226 };
227
228 # IPv4 multicast topology (1/2)
229 ipv4 multicast {
230 # explicit IPv4 table
231 table mcast4;
232 import all;
233 export all;
234 };
235
236 # IPv6 multicast topology (2/2)
237 ipv6 multicast {
238 # explicit IPv6 table
239 table mcast6;
240 import all;
241 export all;
242 # next hop address 2001:db8:1:1::1;
243 };
244
245 # IPv4 with MPLS labels (1/4)
246 ipv4 mpls {
247 # explicit IPv4 table
248 table mtab4;
249 import all;
250 export all;
251 };
252
253 # IPv6 with MPLS labels (2/4)
254 ipv6 multicast {
255 # explicit IPv6 table
256 table mtab6;
257 import all;
258 export all;
259 # allows IPv4 next hops (6PE)
260 # extended next hop;
261 };
262
263 # VPNv4 with MPLS labels (1/128)
264 vpn4 mpls {
265 # connects to vpntab4 table by default
266 import all;
267 export all;
268 };
269
270 # VPNv6 with MPLS labels (2/128)
271 vpn6 mpls {
272 # connects to vpntab6 table by default
273 import all;
274 export all;
275 };
276
277 # VPNv4 multicast topology (1/129)
278 vpn4 multicast {
279 table vpn4mc;
280 import all;
281 export all;
282 };
283
284 # VPNv6 multicast topology (2/129)
285 vpn6 multicast {
286 table vpn6mc;
287 import all;
288 export all;
289 };
290
291 # IPv4 Flowspec (1/133)
292 flow4 {
293 # connects to flowtab4 table by default
294 import all;
295 export all;
296 };
297
298 # IPv6 Flowspec (2/133)
299 flow6 {
300 # connects to flowtab6 table by default
301 import all;
302 export all;
303 };
304 }
305
306 protocol bgp {
307 local 192.168.1.1 as 1000;
308 neighbor 192.168.3.1 as 1000;
309 multihop;
310 rr client;
311
312 ipv4 {
313 import all;
314 export where source ~ [ RTS_STATIC, RTS_BGP ];
315 };
316
317 ipv6 {
318 import all;
319 export where source ~ [ RTS_STATIC, RTS_BGP ];
320 next hop address 2001:db8:1:1::1;
321 };
322 }
323
324 protocol bgp {
325 local 2001:db8:1:1::1 as 1000;
326 neighbor 2001:db8:4:1::1 as 1000;
327 multihop;
328 rr client;
329
330 ipv4 {
331 import all;
332 export where source ~ [ RTS_STATIC, RTS_BGP ];
333 next hop address 192.168.4.1;
334 };
335
336 ipv6 {
337 import all;
338 export where source ~ [ RTS_STATIC, RTS_BGP ];
339 };
340 }
341
Mirror of https://gitlab.labs.nic.cz/labs/bird.git