<div dir="ltr">The message below is the configuration for bird that I have written.<div><br></div><div><div style="color:rgb(212,212,212);background-color:rgb(30,30,30);font-family:"Droid Sans Mono","monospace",monospace;font-size:14px;line-height:19px;white-space:pre"><div>router id 103.147.22.92<span style="color:rgb(106,153,85)">;</span></div><br><div>roa4 table r4<span style="color:rgb(106,153,85)">;</span></div><div>roa6 table r6<span style="color:rgb(106,153,85)">;</span></div><div>ipv6 table bgp_v6<span style="color:rgb(106,153,85)">; #For allowed to carry downstream</span></div><div>ipv6 table bgp_v6_own<span style="color:rgb(106,153,85)">; #For not allowed to carry downstream</span></div><br><div>log syslog all<span style="color:rgb(106,153,85)">;</span></div><br><br><div>define <span style="color:rgb(86,156,214)">LOCAL_ASN</span> = 141011<span style="color:rgb(106,153,85)">;</span></div><br><br><br><div>protocol static BGP_Prefix{</div><div> ipv6<span style="color:rgb(106,153,85)">;</span></div><div> route 2a0c:e640:1019::/48 reject<span style="color:rgb(106,153,85)">;</span></div><div> <span style="color:rgb(106,153,85)">#route 2a0c:e640:1011::/48 via 2a0c:e640:1011::1;</span></div><div>}</div><br><div>protocol kernel { <span style="color:rgb(106,153,85)"># For bgp that allow downstream</span></div><div> kernel table 147<span style="color:rgb(106,153,85)">;</span></div><div> ipv6 {</div><div> table bgp_v6<span style="color:rgb(106,153,85)">;</span></div><div> export filter {</div><div> <span style="color:rgb(86,156,214)">krt_realm</span> = 3<span style="color:rgb(106,153,85)">;</span></div><div> accept<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div> import all<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>protocol kernel { <span style="color:rgb(106,153,85)"># For bgp that don't allow downstream</span></div><div> kernel table 247<span style="color:rgb(106,153,85)">;</span></div><div> ipv6 {</div><div> table bgp_v6_own<span style="color:rgb(106,153,85)">;</span></div><div> export filter {</div><div> <span style="color:rgb(86,156,214)">krt_realm</span> = 1<span style="color:rgb(106,153,85)">;</span></div><div> accept<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div> import all<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>protocol kernel {</div><div> learn<span style="color:rgb(106,153,85)">;</span></div><div><span style="color:rgb(106,153,85)"># persist;</span></div><div> ipv6 {</div><div> import all<span style="color:rgb(106,153,85)">;</span></div><div> export filter {</div><div> <span style="color:rgb(106,153,85)">#krt_prefsrc = 2a0c:e640:101a::1;</span></div><div> accept<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><br><div>protocol device {</div><div> scan time 60<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>protocol direct {</div><div> <span style="color:rgb(106,153,85)">#interface "dummy*";</span></div><div> ipv6 { </div><div> import all<span style="color:rgb(106,153,85)">;</span></div><div> export all<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>function net_len_too_long(){</div><div> case net.type {</div><div> NET_IP4: return net.len > 24<span style="color:rgb(106,153,85)">; # IPv4 CIDR 大于 /24 为太长</span></div><div> NET_IP6: return net.len > 48<span style="color:rgb(106,153,85)">; # IPv6 CIDR 大于 /48 为太长</span></div><div> else: print <span style="color:rgb(206,145,120)">"net_len_too_long: unexpected net.type "</span>, net.type, <span style="color:rgb(206,145,120)">" "</span>, net<span style="color:rgb(106,153,85)">; return false;</span></div><div> }</div><div>}</div><br><div>define <span style="color:rgb(86,156,214)">BOGON_ASNS</span> = [</div><div> 0, <span style="color:rgb(106,153,85)"># RFC 7607</span></div><div> 23456, <span style="color:rgb(106,153,85)"># RFC 4893 AS_TRANS</span></div><div> 64496..64511, <span style="color:rgb(106,153,85)"># RFC 5398 and documentation/example ASNs</span></div><div> 64512..65534, <span style="color:rgb(106,153,85)"># RFC 6996 Private ASNs</span></div><div> 65535, <span style="color:rgb(106,153,85)"># RFC 7300 Last 16 bit ASN</span></div><div> 65536..65551, <span style="color:rgb(106,153,85)"># RFC 5398 and documentation/example ASNs</span></div><div> 65552..131071, <span style="color:rgb(106,153,85)"># RFC IANA reserved ASNs</span></div><div> 4200000000..4294967294, <span style="color:rgb(106,153,85)"># RFC 6996 Private ASNs</span></div><div> 4294967295 <span style="color:rgb(106,153,85)"># RFC 7300 Last 32 bit ASN</span></div><div>]<span style="color:rgb(106,153,85)">;</span></div><div>define <span style="color:rgb(86,156,214)">BOGON_PREFIXES_V4</span> = [</div><div> <a href="http://0.0.0.0/8+">0.0.0.0/8+</a>, <span style="color:rgb(106,153,85)"># RFC 1122 'this' network</span></div><div> <a href="http://10.0.0.0/8+">10.0.0.0/8+</a>, <span style="color:rgb(106,153,85)"># RFC 1918 private space</span></div><div> <a href="http://100.64.0.0/10+">100.64.0.0/10+</a>, <span style="color:rgb(106,153,85)"># RFC 6598 Carrier grade nat space</span></div><div> <a href="http://127.0.0.0/8+">127.0.0.0/8+</a>, <span style="color:rgb(106,153,85)"># RFC 1122 localhost</span></div><div> <a href="http://169.254.0.0/16+">169.254.0.0/16+</a>, <span style="color:rgb(106,153,85)"># RFC 3927 link local</span></div><div> <a href="http://172.16.0.0/12+">172.16.0.0/12+</a>, <span style="color:rgb(106,153,85)"># RFC 1918 private space </span></div><div> <a href="http://192.0.2.0/24+">192.0.2.0/24+</a>, <span style="color:rgb(106,153,85)"># RFC 5737 TEST-NET-1</span></div><div> <a href="http://192.88.99.0/24+">192.88.99.0/24+</a>, <span style="color:rgb(106,153,85)"># RFC 7526 deprecated 6to4 relay anycast. If you wish to allow this, change `24+` to `24{25,32}`(no more specific)</span></div><div> <a href="http://192.168.0.0/16+">192.168.0.0/16+</a>, <span style="color:rgb(106,153,85)"># RFC 1918 private space</span></div><div> <a href="http://198.18.0.0/15+">198.18.0.0/15+</a>, <span style="color:rgb(106,153,85)"># RFC 2544 benchmarking</span></div><div> <a href="http://198.51.100.0/24+">198.51.100.0/24+</a>, <span style="color:rgb(106,153,85)"># RFC 5737 TEST-NET-2</span></div><div> <a href="http://203.0.113.0/24+">203.0.113.0/24+</a>, <span style="color:rgb(106,153,85)"># RFC 5737 TEST-NET-3</span></div><div> <a href="http://224.0.0.0/4+">224.0.0.0/4+</a>, <span style="color:rgb(106,153,85)"># multicast</span></div><div> <a href="http://240.0.0.0/4+">240.0.0.0/4+</a> <span style="color:rgb(106,153,85)"># reserved</span></div><div>]<span style="color:rgb(106,153,85)">;</span></div><div>define <span style="color:rgb(86,156,214)">BOGON_PREFIXES_V6</span> = [</div><div> ::/8+, <span style="color:rgb(106,153,85)"># RFC 4291 IPv4-compatible, loopback, et al </span></div><div> 0100::/64+, <span style="color:rgb(106,153,85)"># RFC 6666 Discard-Only</span></div><div> 2001::/32{33,128}, <span style="color:rgb(106,153,85)"># RFC 4380 Teredo, no more specific</span></div><div> 2001:2::/48+, <span style="color:rgb(106,153,85)"># RFC 5180 BMWG</span></div><div> 2001:10::/28+, <span style="color:rgb(106,153,85)"># RFC 4843 ORCHID</span></div><div> 2001:db8::/32+, <span style="color:rgb(106,153,85)"># RFC 3849 documentation</span></div><div> 2002::/16+, <span style="color:rgb(106,153,85)"># RFC 7526 deprecated 6to4 relay anycast. If you wish to allow this, change `16+` to `16{17,128}`(no more specific)</span></div><div> 3ffe::/16+, <span style="color:rgb(106,153,85)"># RFC 3701 old 6bone</span></div><div> fc00::/7+, <span style="color:rgb(106,153,85)"># RFC 4193 unique local unicast</span></div><div> fe80::/10+, <span style="color:rgb(106,153,85)"># RFC 4291 link local unicast</span></div><div> fec0::/10+, <span style="color:rgb(106,153,85)"># RFC 3879 old site local unicast</span></div><div> ff00::/8+ <span style="color:rgb(106,153,85)"># RFC 4291 multicast</span></div><div>]<span style="color:rgb(106,153,85)">;</span></div><br><div>function is_bogon_prefix() {</div><div> case net.type {</div><div> NET_IP4: return net ~ BOGON_PREFIXES_V4<span style="color:rgb(106,153,85)">;</span></div><div> NET_IP6: return net ~ BOGON_PREFIXES_V6<span style="color:rgb(106,153,85)">;</span></div><div> else: print <span style="color:rgb(206,145,120)">"is_bogon_prefix: unexpected net.type "</span>, net.type, <span style="color:rgb(206,145,120)">" "</span>, net<span style="color:rgb(106,153,85)">; return false;</span></div><div> }</div><div>}</div><br><div>function is_bogon_asn() {</div><div> if bgp_path ~ BOGON_ASNS then return true<span style="color:rgb(106,153,85)">;</span></div><div> return false<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>protocol rpki {</div><div><span style="color:rgb(106,153,85)"># debug all;</span></div><br><div> roa4 { table r4<span style="color:rgb(106,153,85)">; };</span></div><div> roa6 { table r6<span style="color:rgb(106,153,85)">; };</span></div><br><div> <span style="color:rgb(106,153,85)"># Please, do not use <a href="http://rpki-validator.realmv6.org">rpki-validator.realmv6.org</a> in production</span></div><div> remote <span style="color:rgb(206,145,120)">"<a href="http://rtr.rpki.cloudflare.com">rtr.rpki.cloudflare.com</a>"</span> port 8282<span style="color:rgb(106,153,85)">;</span></div><br><div> retry keep 5<span style="color:rgb(106,153,85)">;</span></div><div> refresh keep 30<span style="color:rgb(106,153,85)">;</span></div><div> expire 600<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>filter peer_in_v6 {</div><div> if is_bogon_asn() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon asn"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> if is_bogon_prefix() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon prefix"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> if (roa_check(r6, net, bgp_path.last) = ROA_INVALID) then</div><div> {</div><div> print <span style="color:rgb(206,145,120)">"Ignore RPKI invalid "</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> accept<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>function my_opt_prefix()</div><div>prefix set allowed_prefix<span style="color:rgb(106,153,85)">;</span></div><div>int set allowed_prefix_origins<span style="color:rgb(106,153,85)">;</span></div><div>{</div><div> include <span style="color:rgb(206,145,120)">"/etc/bird/filters/allowed_prefix.conf"</span><span style="color:rgb(106,153,85)">;</span></div><div> if net ~ allowed_prefix then return true<span style="color:rgb(106,153,85)">;</span></div><div> else return false<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>function is_bogon() {</div><div> if is_bogon_asn() then return true<span style="color:rgb(106,153,85)">;</span></div><div> if is_bogon_prefix() then return true<span style="color:rgb(106,153,85)">;</span></div><div> if net_len_too_long() then return true<span style="color:rgb(106,153,85)">;</span></div><div> return false<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>function bgp_export() </div><div>prefix set allowed_prefix<span style="color:rgb(106,153,85)">;</span></div><div>int set allowed_prefix_origins<span style="color:rgb(106,153,85)">;</span></div><div>{</div><div> include <span style="color:rgb(206,145,120)">"/etc/bird/filters/allowed_prefix.conf"</span><span style="color:rgb(106,153,85)">;</span></div><div><span style="color:rgb(106,153,85)"># print AS_HUIZE;</span></div><div> if net !~ allowed_prefix then {</div><div><span style="color:rgb(106,153,85)"># if net ~ OUR_PREFIXES then print " net",net," is not echo to AS_HUIZE";</span></div><div> return false<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> if is_bogon() then return false<span style="color:rgb(106,153,85)">;</span></div><div> if bgp_large_community ~ [(141011, 4, 23000)] then return false<span style="color:rgb(106,153,85)">;</span></div><div> if <span style="color:rgb(86,156,214)">proto</span> = <span style="color:rgb(206,145,120)">"BGP_Prefix"</span> then return true<span style="color:rgb(106,153,85)">;</span></div><div> if source != RTS_BGP then return false<span style="color:rgb(106,153,85)">;</span></div><div> if bgp_large_community !~ [(141011, 2, 1)] then return false<span style="color:rgb(106,153,85)">;</span></div><div> return true<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>function bgp_export_all() {</div><div> if bgp_export() then return true<span style="color:rgb(106,153,85)">;</span></div><div> if is_bogon_asn() then return false<span style="color:rgb(106,153,85)">;</span></div><div> if is_bogon_prefix() then return false<span style="color:rgb(106,153,85)">; </span></div><div> if source != RTS_BGP then return false<span style="color:rgb(106,153,85)">;</span></div><div> return true<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>function bgp_export_downstream() {</div><div> if is_bogon_asn() then return false<span style="color:rgb(106,153,85)">;</span></div><div> if is_bogon_prefix() then return false<span style="color:rgb(106,153,85)">; </span></div><div> if source != RTS_BGP then return false<span style="color:rgb(106,153,85)">;</span></div><div> if bgp_large_community ~ [(141011, 4, 31000)] then return false<span style="color:rgb(106,153,85)">;</span></div><div> if bgp_large_community !~ [(141011, 2, 100)] then return false<span style="color:rgb(106,153,85)">;</span></div><div> return true<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>template bgp tpl_bgp {</div><div> allow bgp_local_pref on<span style="color:rgb(106,153,85)">;</span></div><div> graceful restart on<span style="color:rgb(106,153,85)">;</span></div><div> local as LOCAL_ASN<span style="color:rgb(106,153,85)">;</span></div><div> ipv6 {</div><div> table bgp_v6<span style="color:rgb(106,153,85)">;</span></div><div> preference 110<span style="color:rgb(106,153,85)">;</span></div><div> next hop self<span style="color:rgb(106,153,85)">;</span></div><div> import filter{</div><div> if is_bogon_asn() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon asn"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> if is_bogon_prefix() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon prefix"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> if (roa_check(r6, net, bgp_path.last) = ROA_INVALID) then</div><div> {</div><div> print <span style="color:rgb(206,145,120)">"Ignore RPKI invalid "</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> bgp_large_community.delete([(141011, 2, *)])<span style="color:rgb(106,153,85)">;</span></div><div> bgp_large_community.delete([(141011, 1, *)])<span style="color:rgb(106,153,85)">;</span></div><div> bgp_large_community.delete([(141011, 3, *)])<span style="color:rgb(106,153,85)">;</span></div><div> bgp_large_community.add((141011, 3, 31000))<span style="color:rgb(106,153,85)">;</span></div><div> accept<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><br><div> export filter{</div><div> <span style="color:rgb(106,153,85)">#if my_opt_prefix() then bgp_path.prepend(LOCAL_ASN); </span></div><div> if bgp_export() then accept<span style="color:rgb(106,153,85)">;</span></div><div> if bgp_export_downstream() then accept<span style="color:rgb(106,153,85)">;</span></div><div> else reject<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div>}</div><div>template bgp tpl_bgp_own {</div><div> allow bgp_local_pref on<span style="color:rgb(106,153,85)">;</span></div><div> graceful restart on<span style="color:rgb(106,153,85)">;</span></div><div> local as LOCAL_ASN<span style="color:rgb(106,153,85)">;</span></div><div> ipv6 {</div><div> table bgp_v6_own<span style="color:rgb(106,153,85)">;</span></div><div> preference 110<span style="color:rgb(106,153,85)">;</span></div><div> next hop self<span style="color:rgb(106,153,85)">;</span></div><div> import filter{</div><div> if is_bogon_asn() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon asn"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> if is_bogon_prefix() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon prefix"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> if (roa_check(r6, net, bgp_path.last) = ROA_INVALID) then</div><div> {</div><div> print <span style="color:rgb(206,145,120)">"Ignore RPKI invalid "</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> bgp_large_community.delete([(141011, 2, *)])<span style="color:rgb(106,153,85)">;</span></div><div> bgp_large_community.delete([(141011, 1, *)])<span style="color:rgb(106,153,85)">;</span></div><div> bgp_large_community.delete([(141011, 3, *)])<span style="color:rgb(106,153,85)">;</span></div><div> bgp_large_community.add((141011, 1, 31000))<span style="color:rgb(106,153,85)">;</span></div><div> accept<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><br><div> export filter{</div><div> <span style="color:rgb(106,153,85)">#if my_opt_prefix() then bgp_path.prepend(LOCAL_ASN); </span></div><div> if bgp_export() then accept<span style="color:rgb(106,153,85)">;</span></div><div> <span style="color:rgb(106,153,85)">#if bgp_export_downstream() then accept;</span></div><div> else reject<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>template bgp tpl_ibgp {</div><div> local as LOCAL_ASN<span style="color:rgb(106,153,85)">;</span></div><div> graceful restart<span style="color:rgb(106,153,85)">;</span></div><div> rr client<span style="color:rgb(106,153,85)">;</span></div><div> direct<span style="color:rgb(106,153,85)">;</span></div><div> ipv6 {</div><div> table bgp_v6<span style="color:rgb(106,153,85)">;</span></div><div> next hop self<span style="color:rgb(106,153,85)">;</span></div><div> import filter {</div><div> <span style="color:rgb(106,153,85)">#if bgp_path ~ [= 141011 =] then bgp_path.delete(141011);</span></div><div> if is_bogon_asn() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon asn"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> if is_bogon_prefix() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon prefix"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> <span style="color:rgb(106,153,85)"># if bgp_path ~ [= =] then {</span></div><div> <span style="color:rgb(106,153,85)"># #bgp_path.prepend(LOCAL_ASN);</span></div><div> <span style="color:rgb(106,153,85)"># if my_opt_prefix() then bgp_path.prepend(LOCAL_ASN); </span></div><div> <span style="color:rgb(106,153,85)"># }</span></div><div> accept<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div> export filter {</div><div> if net ~ 2a0c:e640:1011::/48 then bgp_large_community.add((141011, 4, 27000))<span style="color:rgb(106,153,85)">;</span></div><div> if net ~ 2a0c:e640:1011::/48 then bgp_large_community.add((141011, 4, 24000))<span style="color:rgb(106,153,85)">;</span></div><div> if net ~ 2a0c:e640:1011::/48 then bgp_large_community.add((141011, 4, 21000))<span style="color:rgb(106,153,85)">;</span></div><div> <span style="color:rgb(106,153,85)">#if net ~ 2a0c:e640:101a::/48 then bgp_large_community.add((141011, 4, 24000));</span></div><div> <span style="color:rgb(106,153,85)">#if net ~ 2a0c:e640:101a::/48 then bgp_large_community.add((141011, 4, 21000));</span></div><div> <span style="color:rgb(106,153,85)">#if net ~ 2a0c:e640:101a::/48 then bgp_large_community.add((141011, 4, 27000));</span></div><div> <span style="color:rgb(106,153,85)">#if net ~ 2a0c:e640:101a::/48 then bgp_large_community.add((141011, 2, 1));</span></div><div> if <span style="color:rgb(86,156,214)">proto</span> = <span style="color:rgb(206,145,120)">"BGP_Prefix"</span> then bgp_large_community.add((141011, 2, 1))<span style="color:rgb(106,153,85)">;</span></div><div><span style="color:rgb(106,153,85)"># if my_opt_prefix() then bgp_path.prepend(LOCAL_ASN);</span></div><div> if bgp_export_all() then accept<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><br><div>template bgp tpl_ibgp_own {</div><div> <span style="color:rgb(106,153,85)"># ibgp transfer table which cannot have downstream</span></div><div> local as LOCAL_ASN<span style="color:rgb(106,153,85)">;</span></div><div> graceful restart<span style="color:rgb(106,153,85)">;</span></div><div> rr client<span style="color:rgb(106,153,85)">;</span></div><div> direct<span style="color:rgb(106,153,85)">;</span></div><div> ipv6 {</div><div> table bgp_v6_own<span style="color:rgb(106,153,85)">;</span></div><div> next hop self<span style="color:rgb(106,153,85)">;</span></div><div> import filter {</div><div> <span style="color:rgb(106,153,85)">#if bgp_path ~ [= 141011 =] then bgp_path.delete(141011);</span></div><div> if is_bogon_asn() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon asn"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> if is_bogon_prefix() then {</div><div> print <span style="color:rgb(206,145,120)">"is bogon prefix"</span>, net, <span style="color:rgb(206,145,120)">" for ASN "</span>, bgp_path.last<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }</div><div> <span style="color:rgb(106,153,85)"># if bgp_path ~ [= =] then {</span></div><div> <span style="color:rgb(106,153,85)"># #bgp_path.prepend(LOCAL_ASN);</span></div><div> <span style="color:rgb(106,153,85)"># if my_opt_prefix() then bgp_path.prepend(LOCAL_ASN); </span></div><div> <span style="color:rgb(106,153,85)"># }</span></div><div> accept<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div> export filter {</div><div> if <span style="color:rgb(86,156,214)">proto</span> = <span style="color:rgb(206,145,120)">"BGP_Prefix"</span> then bgp_large_community.add((141011, 2, 1))<span style="color:rgb(106,153,85)">;</span></div><div> if bgp_export_all() then accept<span style="color:rgb(106,153,85)">;</span></div><div> reject<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div> }<span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><div>protocol pipe { <span style="color:rgb(106,153,85)"># Synchronize the routing table that can carry downstream and cannot be written to the main routing table</span></div><div> table bgp_v6<span style="color:rgb(106,153,85)">;</span></div><div> peer table master6<span style="color:rgb(106,153,85)">;</span></div><div> export all<span style="color:rgb(106,153,85)">;</span></div><div> import where <span style="color:rgb(86,156,214)">proto</span> = <span style="color:rgb(206,145,120)">"BGP_Prefix"</span> <span style="color:rgb(106,153,85)">; #Synchronize the prefixes that the local machine needs to announce into 2 tables for BGP</span></div><div>}</div><br><div>protocol pipe { </div><div> table bgp_v6_own<span style="color:rgb(106,153,85)">;</span></div><div> peer table master6<span style="color:rgb(106,153,85)">;</span></div><div> export all<span style="color:rgb(106,153,85)">;</span></div><div> import where <span style="color:rgb(86,156,214)">proto</span> = <span style="color:rgb(206,145,120)">"BGP_Prefix"</span><span style="color:rgb(106,153,85)">;</span></div><div>}</div><br><br><br><div>include <span style="color:rgb(206,145,120)">"/etc/bird/peers/*"</span><span style="color:rgb(106,153,85)">;</span></div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Brandon Zhi <<a href="mailto:Brandon@huize.asia">Brandon@huize.asia</a>> 於 2022年7月13日週三 下午1:20寫道:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi Vincent,<div><br></div><div>Thanks for helping.</div><div><br></div><div>Well, I have already done it.</div><div><br></div><div>Our real problem is how to get the packets from downstream to the routing table I need.<br><br>Because bird is just a software for importing or exporting routing tables, it is the Linux kernel that is really responsible for forwarding packets.<br><br>In the case where I don't set any ip rule, all packets will use a routing table called main.<br><br>Is there any way I can achieve this?<br></div><div><br></div><div><br></div><div><div>We have only one interface for BGP: ens18</div><div>And our IP Address is: 2a0f:5707:ffe3::57 AS141011</div><div>Our customers assume is: 2a0f:5707:ffe3::1 AS1</div><div>Our upstream which allowed downstream:2a0f:5707:ffe3::30 AS6939</div><div><br></div><div>Therefore we have a BGP session with AS1 and a BGP session with AS6939</div><div>AS6939 > Table 147<br></div><div><br></div></div><div>How should I make the traffic from AS1 (2a0f:5707:ffe3::1) use table 147?<br></div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Vincent Bernat <<a href="mailto:bernat@luffy.cx" target="_blank">bernat@luffy.cx</a>> 於 2022年7月13日週三 上午8:03寫道:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 2022-07-13 08:08, Brandon Zhi wrote:<br>
<br>
> We created a bgp_v6 (IBGP) session on tunnel1 that allows downstream BGP <br>
> sessions like HE(Hurricane Electric) and put the routing table into <br>
> table 147.<br>
> <br>
> Create bgp_v6_own(IBGP) on tunnel2 to transmit those routing tables from <br>
> BGP that cannot carry downstream to Table 247<br>
<br>
You can use the pipe protocol to copy some routes from one table to the <br>
other. So, you'll need one table to receive routes from BGP, then you <br>
can have two "pipe" protocols to copy them on table 147 and table 247.<br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr"><div dir="ltr"><div style="color:rgb(0,0,0);font-family:"lucida Grande",Verdana;font-size:14px"><b style="font-size:12px;color:rgb(24,43,75);font-family:Helvetica,sans-serif">Brandon Zhi</b></div><div style="color:rgb(0,0,0);font-family:"lucida Grande",Verdana;font-size:14px"><font color="#5f5f5f" face="Helvetica, sans-serif"><span style="font-size:10.6667px">HUIZE LTD</span></font></div><div style="color:rgb(0,0,0);font-family:"lucida Grande",Verdana;font-size:14px"><p class="MsoNormal" style="color:rgb(34,34,34);font-family:Arial,Helvetica,sans-serif;font-size:small"><span lang="EN-HK" style="font-size:8pt;font-family:Helvetica,sans-serif;color:black"><a href="https://huize.asia/" style="outline:none;color:rgb(40,108,69)" target="_blank"><span style="color:rgb(4,74,145)">www.huize.asia</span> </a>| <a href="https://www.ixp.su/" style="outline:none;color:rgb(40,108,69)" target="_blank"><span style="color:rgb(4,74,145)">www.ixp.su</span></a> | <a href="https://twitter.com/zhihuiyuze" style="outline:none;color:rgb(17,85,204)" target="_blank">Twitter</a></span></p><p class="MsoNormal" style="color:rgb(34,34,34);font-family:Arial,Helvetica,sans-serif;font-size:small"><br></p><p class="MsoNormal" style="color:rgb(34,34,34);font-family:Arial,Helvetica,sans-serif;font-size:small">This e-mail and any attachments or any reproduction of this e-mail in whatever manner are confidential and for the use of the addressee(s) only. HUIZE LTD can’t take any liability and guarantee of the text of the email message and virus.</p></div></div></div>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div style="color:rgb(0,0,0);font-family:"lucida Grande",Verdana;font-size:14px"><b style="font-size:12px;color:rgb(24,43,75);font-family:Helvetica,sans-serif">Brandon Zhi</b></div><div style="color:rgb(0,0,0);font-family:"lucida Grande",Verdana;font-size:14px"><font color="#5f5f5f" face="Helvetica, sans-serif"><span style="font-size:10.6667px">HUIZE LTD</span></font></div><div style="color:rgb(0,0,0);font-family:"lucida Grande",Verdana;font-size:14px"><p class="MsoNormal" style="color:rgb(34,34,34);font-family:Arial,Helvetica,sans-serif;font-size:small"><span lang="EN-HK" style="font-size:8pt;font-family:Helvetica,sans-serif;color:black"><a href="https://huize.asia/" style="outline:none;color:rgb(40,108,69)" target="_blank"><span style="color:rgb(4,74,145)">www.huize.asia</span> </a>| <a href="https://www.ixp.su/" style="outline:none;color:rgb(40,108,69)" target="_blank"><span style="color:rgb(4,74,145)">www.ixp.su</span></a> | <a href="https://twitter.com/zhihuiyuze" style="outline:none;color:rgb(17,85,204)" target="_blank">Twitter</a></span></p><p class="MsoNormal" style="color:rgb(34,34,34);font-family:Arial,Helvetica,sans-serif;font-size:small"><br></p><p class="MsoNormal" style="color:rgb(34,34,34);font-family:Arial,Helvetica,sans-serif;font-size:small">This e-mail and any attachments or any reproduction of this e-mail in whatever manner are confidential and for the use of the addressee(s) only. HUIZE LTD can’t take any liability and guarantee of the text of the email message and virus.</p></div></div></div>