ansible-crxn-router/roles/bird/templates/bird.conf

################################################
#               Variable header                #
################################################

define DNAS = 4242422923;
define NEOAS = 4201272923;
define RCAS = 64507;
define OWNAS = DNAS;

define DNIP =  {{ network.dnip.ipv4 }};
define DNIPv6 = {{ network.dnip.ipv6 }};

define NEOIP =  {{ network.neoip.ipv4 }};
define NEOIPv6 = {{ network.neoip.ipv6 }};

define DNNET = 172.22.149.224/27;
define DNNETv6 = fd04:234e:fc31::/48;
define DNNET2 = 172.22.149.112/28;

define NEONET = 10.127.149.224/27;
define NEONETv6 = fd10:127:fc31::/48;

define CRXNNET = fd92:58b6:2b2::/48;
define CRXNIP = fd92:58b6:2b2::2;

define RCNET = 172.24.7.0/24;
define RCNETv6 = 2001:db8:dead:beef:4cbe::/80;

define RCIP = 172.24.7.2;
define RCIPv6 = 2001:db8:dead:beef:4cbe::2;

define DNMYIPNET = 172.20.0.81/32;
define DNMYIPNETv6 = fd42:d42:d42:81::/64;

define NEODNS_AUTH = 10.127.255.53/32;
define NEODNS_AUTHv6 = fd10:127:ffff:53::/64;

define NEODNS_RECUR = 10.127.255.54/32;
define NEODNS_RECURv6 = fd10:127:53:53::/64;

define OWNNETSET = [172.22.149.224/27+, 10.127.149.224/27+, 172.20.0.81/32, 172.22.149.112/28+, 172.24.7.0/24+, 10.127.255.53/32+];
define OWNNETSETv6 = [fd04:234e:fc31::/48+, fd10:127:fc31::/48+, fd42:d42:d42:81::/64+, fd92:58b6:2b2::/48+, 2001:db8:dead:beef:4cbe::/80+, fd10:127:ffff:53::/64+];

define DN42_REGION_GEO = 41;
define DN42_REGION_COUNTRY = 1276;

define BANDWIDTH = 25;

################################################
#                 Header end                   #
################################################

router id DNIP;
#router id 44.55.66.77;

include "/etc/bird/netids.conf";

protocol device {
    scan time 10;
}

/*
 *  Utility functions
 */

function is_self_net() {
  return net ~ OWNNETSET;
}

function is_self_net_v6() {
  return net ~ OWNNETSETv6;
}

function is_neonetwork() {
    return net ~ [10.127.0.0/16+] || net ~ [fd10:127::/32+];
}

function is_valid_network() {
  return net ~ [
    172.20.0.0/14{21,29}, # dn42
    172.20.0.0/24{28,32}, # dn42 Anycast
    172.21.0.0/24{28,32}, # dn42 Anycast
    172.22.0.0/24{28,32}, # dn42 Anycast
    172.23.0.0/24{28,32}, # dn42 Anycast
    172.31.0.0/16+,       # ChaosVPN
    10.100.0.0/14+,       # ChaosVPN
    10.127.0.0/16{16,32}, # neonetwork
    10.0.0.0/8{15,24}     # Freifunk.net
  ];
}

function is_valid_network_v6() {
  return net ~ [
    fd00::/8{44,64} # ULA address space as per RFC 4193
  ];
}

function is_own32ipv4() {
	return (net = DNMYIPNET || net = NEODNS_AUTH || net = NEODNS_RECUR);
}

include "/etc/bird/crxn_utilits.conf";

/*
 *  ROA dn42 & neo
 */

roa4 table dn42_roa;
roa6 table dn42_roa_v6;

protocol static {
    roa4 { table dn42_roa; };
    include "/var/lib/bird/dn42-roa4.conf";
};


protocol static {
    roa6 { table dn42_roa_v6; };
    include "/var/lib/bird/dn42-roa6.conf";
};

/*
 *  Forward plane
 */

protocol kernel {
    scan time 20;
    metric 500;

    ipv4 {
        import none;
        export filter {
            if source = RTS_DEVICE then reject;
	    if (has_netid(2)) then {
	        print "Warning: CRXN netid in IPv4", net;
                reject;
            } else if (has_netid(3)) then {
                krt_prefsrc = RCIP;
            } else {
                if is_neonetwork() then {
                    krt_prefsrc = NEOIP;
                } else {
                    krt_prefsrc = DNIP;
                }
            }
	    accept;
        };
    };
}

protocol kernel {
    scan time 20;
    metric 500;

    ipv6 {
        import none;
        export filter {
            if source = RTS_DEVICE then reject;
	    if (has_netid(2)) then {
                krt_prefsrc = CRXNIP;
	    } else if (has_netid(3)) then {
	        krt_prefsrc = RCIPv6;
            } else {
                if is_neonetwork() then {
                    krt_prefsrc = NEOIPv6;
                } else {
                    krt_prefsrc = DNIPv6;
                }
	    }
            accept;
        };
    };
};


/*
 *  OWNNET
 */

protocol static {
    route DNNET reject;
    route DNNET2 reject;

    ipv4 {
        import filter { add_netid(1); accept; };
        export none;
    };
}

protocol static {
    route DNNETv6 reject;
    route DNMYIPNETv6 reject;

    ipv6 {
        import filter { add_netid(1); accept; };     
        export none;
    };
}

protocol static {
    route NEONET reject;

    ipv4 {
        import filter { add_netid(4); accept; };
        export none;
    };
}

protocol static {
    route NEONETv6 reject;
    route NEODNS_AUTHv6 reject;
    route NEODNS_RECURv6 reject;

    ipv6 {
        import filter { add_netid(4); accept; };     
        export none;
    };
}

protocol static {
    route CRXNNET reject;

    ipv6 {
        import filter { add_netid(2); accept; };
        export none;
    };
}

protocol static {
	route RCNET reject;

	ipv4 {
		import filter { add_netid(3); accept; };
		export none;
	};
}

protocol static {
	route RCNETv6 reject;

	ipv6 {
		import filter { add_netid(3); accept; };
		export none;
	};
}

protocol static {
    route fd00::/8 reject;

    ipv6 {
        import filter { add_netid(30); accept; };
        export none;
    };
}

include "/etc/bird/templates.conf";

/*
 *  Other configurations
 */

protocol bfd {}

include "/etc/bird/babel.conf";

include "/etc/bird/community_filters.conf";

include "/etc/bird/crxn.conf";
{% if network.routercity == "true" %}
include "/etc/bird/routercity.conf";
{% endif %}

include "/etc/bird/peers/*";
include "/etc/bird/ibgp_nodes/*";