# Configure logging #log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; #log stderr all; #log "/var/log/bird.log" { fatal, error }; log "/var/log/bird.log" { fatal }; #log "/var/log/bird.log" { debug, trace, info, remote, warning, error, auth, fatal, bug }; # Override router ID router id 217.29.80.149; # You can define your own symbols... #define xyzzy = 120+10; # Define a route filter... #filter test_filter { # if net ~ 10.0.0.0/16 then accept; # else reject; #} filter drop_default { if net != 0.0.0.0/0 then accept; else reject; } #0 - cosmos 1 - tpu 2 - tsu 3 - Consultant #4 - SibPTUS 5 - Tomica 6 - Telecom 7 - Virsia #8 - TSpaseLink 9 - TTNTesla 10 - TPSBank 11 - ICNTomsk #12 - Oberon 13 - AcademCity 14 - CNTI 15 - Darim #16 - JSCATelecom 17 - SeverskES 18 - DistanceEducationInstitute #19 -Stack #20 - Internet #21 - CPro (TransTelecom) 22 - StackNew #23 - Tomsk (Notfound) # # realm = input_realm*65536+output_relm - for iptables realms # filter who_is { if net ~ 80.89.128.176/29 then return 19; if net ~ 80.89.143.0/24 then return 15; if net ~ 81.1.212.0/24 then return 16; if net ~ 212.192.163.0/24 then return 13; if net ~ 217.106.40.0/24 then return 9; if net ~ 217.106.41.0/24 then return 10; if net ~ 217.106.42.0/24 then return 11; if net ~ 212.192.197.0/24 then return 14; if net ~ 194.58.123.0/24 then return 2; if net ~ 217.106.172.0/23 then return 1; if net ~ 213.59.236.0/23 then return 3; if net ~ 217.106.174.0/23 then return 3; if net ~ 213.59.238.0/23 then return 4; if net ~ 217.106.40.0/23 then return 8; if net ~ 80.89.150.0/23 then return 12; if net ~ 81.176.240.0/23 then return 17; if net ~ 80.250.176.0/23 then return 18; if net ~ 81.1.232.0/23 then return 21; if net ~ 212.73.124.0/22 then return 4; if net ~ 217.106.32.0/22 then return 5; if net ~ 217.107.204.0/22 then return 5; if net ~ 80.89.132.0/22 then return 7; if net ~ 217.106.36.0/22 then return 8; if net ~ 217.106.168.0/22 then return 19; if net ~ 217.106.120.0/21 then return 19; if net ~ 217.29.80.0/20 then return 22; if net ~ 217.18.128.0/19 then return 6; if net ~ 213.183.96.0/19 then return 7; if net ~ 212.192.96.0/19 then return 2; if net ~ 195.208.160.0/19 then return 1; if net ~ 213.210.64.0/18 then return 6; return 23; } #filter sink { reject; } #filter okay { accept; } # for testing filter export_rip { if net ~ 217.29.86.96/27 then gw = 172.16.1.17; # gw = 172.16.1.1; if net != 0.0.0.0/0 then accept; else reject; } # Define another routing table #table testable; # Turn on global debugging of all protocols #debug protocols all; # The direct protocol automatically generates device routes to # all network interfaces. Can exist in as many instances as you wish # if you want to populate multiple routing tables with device routes. protocol direct { # interface "-eth*", "*"; # Restrict network interfaces it works with } # This pseudo-protocol performs synchronization between BIRD's routing # tables and the kernel. If your kernel supports multiple routing tables # (as Linux 2.2.x does), you can run multiple instances of the kernel # protocol and synchronize different kernel tables with different BIRD tables. protocol kernel { learn; # Learn all alien routes from the kernel # persist; # Don't remove routes on bird shutdown scan time 20; # Scan kernel routing table every 20 seconds # import none; # Default is import all import filter drop_default; export filter drop_default; ### export all; # Default is export none # kernel table 254; # Kernel table to synchronize with (default: main) } # This pseudo-protocol watches all interface up/down events. protocol device { scan time 10; # Scan interfaces every 10 seconds } # Static routes (again, there can be multiple instances, so that you # can disable/enable various groups of static routes on the fly). protocol static { # disabled; # Disable by default # table testable; # Connect to a non-default table # preference 1000; # Default preference of routes # debug { states, routes, filters, interfaces, events, packets }; # debug all; # route 0.0.0.0/0 via 62.168.0.13; # route 62.168.0.0/25 reject; # route 10.0.0.0/8 reject; # route 10.1.1.0:255.255.255.0 via 62.168.0.3; # route 10.1.2.0:255.255.255.0 via 62.168.0.3; # route 10.1.3.0:255.255.255.0 via 62.168.0.4; # route 10.2.0.0/24 via "arc0"; } # Pipe protocol connects two routing tables... Beware of loops. #protocol pipe { # peer table testable; # Define what routes do we export to this protocol / import from it. # import all; # default is all # export all; # default is none # import none; # If you wish to disable imports # import filter test_filter; # Use named filter # import where source = RTS_DEVICE; # Use explicit filter #} # RIP aka Rest In Pieces... protocol rip TestRIP { # You can also use an explicit name # preference 254; disabled off; realm filter who_is; # debug all; port 520; # period 7; infinity 16; garbage time 60; # interface "eth0" { mode multicast; }; # interface "eth0" { mode broadcast; }; interface "eth0" { mode quiet; }; honor neighbor; # To whom do we agree to send the routing table honor always; honor never; # passwords { password "ahoj" from 0 to 10;} authentication none; # import filter { print "importing"; accept; }; # import all; import filter drop_default; # export all; } # My test RIP # RIP aka Rest In Pieces... protocol rip MyRIP { # You can also use an explicit name disabled on; preference 10; port 520; interface "eth1" { metric 4; mode multicast; }; honor neighbor; # To whom do we agree to send the routing table # honor always; # honor never; authentication none; export filter export_rip; } # Please note, multiple areas still don't work. #protocol ospf MyOSPF { # disabled on; #} # test BGP protocol bgp { disabled on; # debug all; local as 65000; # Use a private AS number neighbor 172.16.1.5 as 65000; # Our neighbor ... export filter drop_default; # import filter drop_default; # source address 172.16.1.1; # Use a non-standard source address }