Changes in 577c0ce: Updated birdconf (markdown)

_Footer.md

...	...	@@ -1 +0,0 @@
1		-Hosted by: [xuu](mailto:[email protected]), [nurtic-vibe](mailto:[email protected]), [toBee](mailto:[email protected]), [burble](mailto:[email protected]) \| Accessible via: [dn42](http://wiki.dn42), [tor](http://jsptropkiix3ki5u.onion), [i2p](http://beb6v2i4jevo72vvnx6segsk4zv3pu3prbwcfuta3bzrcv7boy2q.b32.i2p/)

_Sidebar.md

...	...	@@ -1,47 +0,0 @@
1		- * [Home](/Home)
2		- * [Getting Started](/howto/Getting-Started)
3		- * [Registry Authentication](/howto/Registry-Authentication)
4		- * [Address Space](/howto/Address-Space)
5		- * [FAQ](/FAQ)
6		-
7		-* How-To
8		- * [Wireguard](/howto/wireguard)
9		- * [Openvpn](/howto/openvpn)
10		- * [IPsec With Public Keys](/howto/IPsec-with-PublicKeys)
11		- * [Tinc](/howto/tinc)
12		- * [GRE on FreeBSD](/howto/GRE-on-FreeBSD)
13		- * [GRE on OpenBSD](/howto/GRE-on-OpenBSD)
14		- * [IPv6 Multicast (PIM-SM)](/howto/IPv6-Multicast)
15		- * [Bird](/howto/Bird) / [Bird2](/howto/Bird2)
16		- * [Quagga](/howto/Quagga)
17		- * [OpenBGPD](/howto/OpenBGPD)
18		- * [Mikrotik RouterOS](/howto/mikrotik)
19		- * [EdgeRouter](/howto/EdgeOS-Config)
20		- * [Static routes on Windows](/howto/Static-routes-on-Windows)
21		- * [Universal Network Requirements](/howto/networksettings)
22		- * [VyOS](/howto/vyos)
23		- * [NixOS](/howto/nixos)
24		-
25		-* Services
26		- * [IRC](/services/IRC)
27		- * [Whois registry](/services/Whois)
28		- * [DNS](/services/DNS)
29		- * [Public DNS](/services/Clearnet-Domains)
30		- * [Looking Glasses](/services/Looking-Glasses)
31		- * [Repository Mirrors](/services/Repository-Mirrors)
32		- * [Distributed Wiki](/services/Distributed-Wiki)
33		- * [Certificate Authority](/services/Certificate-Authority)
34		- * [Route Collector](/services/Route-Collector)
35		-
36		-* Internal
37		- * [Internal services](/internal/Internal-Services)
38		- * [Interconnections](/internal/Interconnections)
39		- * [APIs](/internal/APIs)
40		- * [Historical services](/internal/Historical-Services)
41		-
42		-* External Tools
43		- * [Paste Board](/https://paste.dn42.us)
44		- * [Git Repositories](/https://git.dn42.dev)
45		-
46		---------------
47		-

https:/birdconf.md

...	...	@@ -1,150 +0,0 @@
1		-#############################################
2		-# Variable header #
3		-################################################
4		-
5		-
6		-define OWNAS = 4242422322;
7		-define OWNIP = 172.22.181.193;
8		-define OWNIPv6 = fd42:4242:2322::1;
9		-define OWNNET = 172.22.181.192/27;
10		-define OWNNETv6 = fd42:4242:2322::/48;
11		-define OWNNETSET = [172.22.181.192/27+];
12		-define OWNNETSETv6 = [fd42:4242:2322::/48+];
13		-
14		-################################################
15		-# Header end #
16		-################################################
17		-
18		-router id OWNIP;
19		-
20		-protocol device {
21		- scan time 10;
22		-}
23		-
24		-/*
25		- * Utility functions
26		- */
27		-
28		-function is_self_net() {
29		- return net ~ OWNNETSET;
30		-}
31		-
32		-function is_self_net_v6() {
33		- return net ~ OWNNETSETv6;
34		-}
35		-
36		-function is_valid_network() {
37		- return net ~ [
38		- 172.20.0.0/14{21,29}, # dn42
39		- 172.20.0.0/24{28,32}, # dn42 Anycast
40		- 172.21.0.0/24{28,32}, # dn42 Anycast
41		- 172.22.0.0/24{28,32}, # dn42 Anycast
42		- 172.23.0.0/24{28,32}, # dn42 Anycast
43		- 172.31.0.0/16+, # ChaosVPN
44		- 10.100.0.0/14+, # ChaosVPN
45		- 10.0.0.0/8{15,24} # Freifunk.net
46		- ];
47		-}
48		-
49		-roa4 table dn42_roa;
50		-roa6 table dn42_roa_v6;
51		-
52		-protocol static {
53		- roa4 { table dn42_roa; };
54		- include "/etc/bird/roa4.conf";
55		-};
56		-
57		-protocol static {
58		- roa6 { table dn42_roa_v6; };
59		- include "/etc/bird/roa6.conf";
60		-};
61		-
62		-function is_valid_network_v6() {
63		- return net ~ [
64		- fd00::/8{44,64} # ULA address space as per RFC 4193
65		- ];
66		-}
67		-
68		-protocol kernel {
69		- scan time 20;
70		-
71		- ipv6 {
72		- import none;
73		- export filter {
74		- if source = RTS_STATIC then reject;
75		- krt_prefsrc = OWNIPv6;
76		- accept;
77		- };
78		- };
79		-};
80		-
81		-protocol kernel {
82		- scan time 20;
83		-
84		- ipv4 {
85		- import none;
86		- export filter {
87		- if source = RTS_STATIC then reject;
88		- krt_prefsrc = OWNIP;
89		- accept;
90		- };
91		- };
92		-}
93		-
94		-protocol static {
95		- route OWNNET reject;
96		-
97		- ipv4 {
98		- import all;
99		- export none;
100		- };
101		-}
102		-
103		-protocol static {
104		- route OWNNETv6 reject;
105		-
106		- ipv6 {
107		- import all;
108		- export none;
109		- };
110		-}
111		-
112		-template bgp dnpeers {
113		- local as OWNAS;
114		- path metric 1;
115		-
116		- ipv4 {
117		- import filter {
118		- if is_valid_network() && !is_self_net() then {
119		- if (roa_check(dn42_roa, net, bgp_path.last) != ROA_VALID) then {
120		- print "[dn42] ROA check failed for ", net, " ASN ", bgp_path.last;
121		- reject;
122		- } else accept;
123		- } else reject;
124		- };
125		-
126		- export filter { if is_valid_network() then accept; else reject; };
127		- import limit 1000 action block;
128		- };
129		-
130		- ipv6 {
131		- import filter {
132		- if is_valid_network_v6() && !is_self_net_v6() then {
133		- if (roa_check(dn42_roa_v6, net, bgp_path.last) != ROA_VALID) then {
134		- print "[dn42] ROA check failed for ", net, " ASN ", bgp_path.last;
135		- reject;
136		- } else accept;
137		- } else reject;
138		- };
139		- export filter { if is_valid_network_v6() then accept; else reject; };
140		- import limit 1000 action block;
141		- };
142		-}
143		-
144		-
145		-include "/etc/bird/peers/*";
146		-
147		-log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };
148		-log stderr all;
149		-#log "/home/bird/bird.log" all;
150		-#log "/root/bird.log" all;