diff options
Diffstat (limited to 'tnet/files')
| -rw-r--r-- | tnet/files/knot/bird-tnet.conf | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/tnet/files/knot/bird-tnet.conf b/tnet/files/knot/bird-tnet.conf index fcecc19..bb76fe8 100644 --- a/tnet/files/knot/bird-tnet.conf +++ b/tnet/files/knot/bird-tnet.conf @@ -47,3 +47,32 @@ protocol bgp tnet_node2 from tnet_tpl { rr client; } + +protocol bgp routedbits_lon1 { + local as 4242423538; + neighbor fe80::207 + neighbor as 4242420207; + + ipv6 { + import filter { + if dn42_is_valid_network() && !is_tnet() then { + # Check when unknown or invalid according to ROA + if (roa_check(dn42_roa, net, bgp_path.last) == ROA_VALID) then { + accept; + } else { + print "[dn42] ROA check failed for ", net, " ASN ", bgp_path.last; + reject; + } + } else { + reject; + } + } + export filter { + if dn42_is_valid_network() && source ~ [RTS_STATIC, RTS_BGP] then { + accept; + } else { + reject; + } + } + } +} |