From 1423df56a52831310f25cf9163bde766b8218dc7 Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Sun, 8 May 2016 22:43:27 +0200 Subject: [PATCH] troisdorf1 Pre Config --- files/bird-troisdorf1.conf | 84 +++++++++++++++++++++++++++++++++++++ files/bird6-troisdorf1.conf | 82 ++++++++++++++++++++++++++++++++++++ files/interfaces-troisdorf1 | 8 ++-- 3 files changed, 170 insertions(+), 4 deletions(-) create mode 100644 files/bird-troisdorf1.conf create mode 100644 files/bird6-troisdorf1.conf diff --git a/files/bird-troisdorf1.conf b/files/bird-troisdorf1.conf new file mode 100644 index 0000000..708bfe5 --- /dev/null +++ b/files/bird-troisdorf1.conf @@ -0,0 +1,84 @@ +/* + * This is an example configuration file. + */ + +# Yes, even shell-like comments work... + +# Configure logging +#log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; +#log stderr all; +#log "tmp" all; +#log syslog all; + +#debug protocols all; + +# Override router ID +router id 10.188.255.1; + + +protocol direct { + interface "*"; +}; + +protocol kernel { + device routes; + import all; + export all; + kernel table 42; +}; + +protocol device { + scan time 8; +}; + +function is_default() { + return (net ~ [0.0.0.0/0]); +}; + +# own network +function is_self_net() { + return (net ~ [ 10.188.0.0/16+ ]); +} + +# freifunk ip ranges in general +function is_freifunk() { + return net ~ [ 10.0.0.0/8+, + 104.0.0.0/8+ + ]; +} + +filter hostroute { + if net ~ 185.66.193.105/32 then accept; + reject; +}; + +# Uplink über ff Rheinland +template bgp uplink { + local as 65066; + import where is_default(); + export filter hostroute; + next hop self; + multihop 64; + default bgp_local_pref 200; +}; + +protocol bgp ffrl_bb_a_ak_ber from uplink { + source address 100.64.2.151; + neighbor 100.64.2.150 as 201701; +}; + +protocol bgp ffrl_bb_b_ak_ber from uplink { + source address 100.64.2.153; + neighbor 100.64.2.152 as 201701; +}; + +protocol bgp ffrl_bb_a_ix_dus from uplink { + source address 100.64.2.155; + neighbor 100.64.2.154 as 201701; +}; + +protocol bgp ffrl_bb_b_ix_dus from uplink { + source address 100.64.2.157; + neighbor 100.64.2.156 as 201701; +}; + diff --git a/files/bird6-troisdorf1.conf b/files/bird6-troisdorf1.conf new file mode 100644 index 0000000..633ac39 --- /dev/null +++ b/files/bird6-troisdorf1.conf @@ -0,0 +1,82 @@ +# Configure logging +#log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; +#log stderr all; +#log "tmp" all; +#log syslog all; + +#debug protocols all; + +# Override router ID +router id 10.188.255.1; + +protocol direct { +# interface "*"; # Restrict network interfaces it works with +# interface "bat0", "gre-*", "eth*", "lo"; # Restrict network interfaces it works with + interface "bat0", "gre-*", "lo"; # Restrict network interfaces it works with + +} + + +protocol kernel { + device routes; + import all; + export all; # Default is export none + kernel table 42; # Kernel table to synchronize with (default: main) +} + +protocol device { + scan time 10; # Scan interfaces every 10 seconds +} + +function is_default() { + return (net ~ [::/0]); +} + +# own networks +function is_self_net() { +return net ~ [ fda0:747e:ab29:7405::/64+ ]; +} + +# freifunk ip ranges in general +function is_freifunk() { +return net ~ [ fc00::/7{48,64}, +2001:bf7::/32+]; +} + +filter hostroute { + if net ~ 2a03:2260:121::/48 then accept; + reject; +} + + + +# Uplink zum FF Rheinland +template bgp uplink { + local as 65066; + import where is_default(); + export filter hostroute; + gateway recursive; +} + + +protocol bgp ffrl_bb_a_ak_ber from uplink { + source address 2a03:2260:0:155::2; + neighbor 2a03:2260:0:155::1 as 201701; +} + +protocol bgp ffrl_bb_b_ak_ber from uplink { + source address 2a03:2260:0:156::2; + neighbor 2a03:2260:0:156::1 as 201701; +} + + +protocol bgp ffrl_bb_a_ix_dus from uplink { + source address 2a03:2260:0:157::2; + neighbor 2a03:2260:0:157::1 as 201701; +} + +protocol bgp ffrl_bb_b_ix_dus from uplink { + source address 2a03:2260:0:158::2; + neighbor 2a03:2260:0:158::1 as 201701; +} + diff --git a/files/interfaces-troisdorf1 b/files/interfaces-troisdorf1 index c95ad83..83048a3 100644 --- a/files/interfaces-troisdorf1 +++ b/files/interfaces-troisdorf1 @@ -33,7 +33,7 @@ auto gre-bb-a.ak.ber iface gre-bb-a.ak.ber inet static address 100.64.2.151 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.195.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.195.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -50,7 +50,7 @@ auto gre-bb-b.ak.ber iface gre-bb-b.ak.ber inet static address 100.64.2.153 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.195.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.195.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -68,7 +68,7 @@ auto gre-bb-a.ix.dus iface gre-bb-a.ix.dus inet static address 100.64.2.155 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.193.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.193.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -86,7 +86,7 @@ auto gre-bb-b.ix.dus iface gre-bb-b.ix.dus inet static address 100.64.2.157 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.193.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.193.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400