Question for proper RPKI check integration in the bird v2.0.4 with Euro-IX Informational BGP communities

Irene Lalioti irene.lalioti at restena.lu
Wed Sep 25 10:58:11 CEST 2019


Hello all,

Can you please let me know where is the syntax error in my snippet , or
if it is wrong how else I should integrate it in a way bird doesn't
complain? Thanks in advance!

#RPKI Check

filter bgp_in_AS1234
prefix set allnet;
{
include "/etc/bird/prefix-lists/AS2589-v4";
if (is_martian4()) then reject;
if ! (net ~ allnet) then reject;
rpki_result = roa check(r4, net, bgp_path.last_nonaggregated );
if ( rpki_result = ROA_INVALID ) then{
bgp_community.add((1234:1000:4));
reject;
print "Invalid ROA ", net, " for ASN ", bgp_path.last_nonaggregated,
"from AS1234" ;
}
if ( rpki_result = ROA_VALID ) then{
bgp_community.add((1234:1000:1));
accept;
}
if ( rpki_result = ROA_ UNKNOWN ) then{
bgp_community.add((1234:1000:2));
accept;
print "Unknown RPKI ", net, "for ASN ", bgp_path.last_nonaggregated,
"from AS1234 ";
}
}

-- 
Irene Lalioti
Network Engineer
Fondation RESTENA
2, avenue de l'Université
L-4365 Esch/Alzette

Tel: +352 424409 1
Fax: +352 422473

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20190925/4fa28cd4/attachment.htm>


More information about the Bird-users mailing list