diff options
| author | Trygve Laugstøl <trygvis@inamo.no> | 2024-07-17 20:38:43 +0200 |
|---|---|---|
| committer | Trygve Laugstøl <trygvis@inamo.no> | 2024-07-17 20:38:43 +0200 |
| commit | ce31caee6ce414fd3abd3b323b5ccfeda6733986 (patch) | |
| tree | 9aa16a5ed56dec88504db3429789e9741e39aa3f /tnet/files/knot/bird-tnet.conf | |
| parent | f69827ab7abf3c62ad6410930b81b3ee137d37b0 (diff) | |
| download | infra-ce31caee6ce414fd3abd3b323b5ccfeda6733986.tar.gz infra-ce31caee6ce414fd3abd3b323b5ccfeda6733986.tar.bz2 infra-ce31caee6ce414fd3abd3b323b5ccfeda6733986.tar.xz infra-ce31caee6ce414fd3abd3b323b5ccfeda6733986.zip | |
routedbits
Diffstat (limited to 'tnet/files/knot/bird-tnet.conf')
| -rw-r--r-- | tnet/files/knot/bird-tnet.conf | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/tnet/files/knot/bird-tnet.conf b/tnet/files/knot/bird-tnet.conf index fcecc19..bb76fe8 100644 --- a/tnet/files/knot/bird-tnet.conf +++ b/tnet/files/knot/bird-tnet.conf @@ -47,3 +47,32 @@ protocol bgp tnet_node2 from tnet_tpl { rr client; } + +protocol bgp routedbits_lon1 { + local as 4242423538; + neighbor fe80::207 + neighbor as 4242420207; + + ipv6 { + import filter { + if dn42_is_valid_network() && !is_tnet() then { + # Check when unknown or invalid according to ROA + if (roa_check(dn42_roa, net, bgp_path.last) == ROA_VALID) then { + accept; + } else { + print "[dn42] ROA check failed for ", net, " ASN ", bgp_path.last; + reject; + } + } else { + reject; + } + } + export filter { + if dn42_is_valid_network() && source ~ [RTS_STATIC, RTS_BGP] then { + accept; + } else { + reject; + } + } + } +} |