From ce31caee6ce414fd3abd3b323b5ccfeda6733986 Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl
Date: Wed, 17 Jul 2024 20:38:43 +0200
Subject: routedbits
---
 tnet/files/knot/bird-tnet.conf | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
(limited to 'tnet/files/knot/bird-tnet.conf')
diff --git a/tnet/files/knot/bird-tnet.conf b/tnet/files/knot/bird-tnet.conf
index fcecc19..bb76fe8 100644
--- a/tnet/files/knot/bird-tnet.conf
+++ b/tnet/files/knot/bird-tnet.conf
@@ -47,3 +47,32 @@ protocol bgp tnet_node2 from tnet_tpl {
 rr client;
 }
+
+protocol bgp routedbits_lon1 {
+ local as 4242423538;
+ neighbor fe80::207
+ neighbor as 4242420207;
+
+ ipv6 {
+ import filter {
+ if dn42_is_valid_network() && !is_tnet() then {
+ # Check when unknown or invalid according to ROA
+ if (roa_check(dn42_roa, net, bgp_path.last) == ROA_VALID) then {
+ accept;
+ } else {
+ print "[dn42] ROA check failed for ", net, " ASN ", bgp_path.last;
+ reject;
+ }
+ } else {
+ reject;
+ }
+ }
+ export filter {
+ if dn42_is_valid_network() && source ~ [RTS_STATIC, RTS_BGP] then {
+ accept;
+ } else {
+ reject;
+ }
+ }
+ }
+}
--
cgit v1.2.3
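Review bot: The `neighbor fe80::207` line in the new `routedbits_lon1` block has no terminating `;`, so the parser reads on into the following `neighbor as 4242420207;` statement and will most likely reject the file, which means the session and the ROA filtering added here never load. Because the peer address is link-local, BIRD also needs an interface for it, and none is visible in this block, which does not inherit from `tnet_tpl`; a single statement such as `neighbor fe80::207 % '<interface>' as 4242420207;` (placeholder interface name) would address both. The comment `# Check when unknown or invalid according to ROA` is easy to misread, since the filter accepts only `ROA_VALID` and rejects unknown and invalid alike; `# Accept only ROA_VALID; unknown and invalid are logged and rejected` would match the code. An `import limit` on the `ipv6` channel would also be worth adding, so that a prefix flood from the peer is bounded even when every route passes the ROA check.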