|
version 1.1.2.1, 2017/08/22 14:36:56
|
version 1.1.2.2, 2020/06/11 00:54:19
|
|
Line 1
|
Line 1
|
| /* | # This is a basic configuration file, which contains boilerplate options and |
| * This is an example configuration file. | # some basic examples. It allows the BIRD daemon to start but will not cause |
| */ | # anything else to happen. |
| | # |
| | # Please refer to the BIRD User's Guide documentation, which is also available |
| | # online at http://bird.network.cz/ in HTML format, for more information on |
| | # configuring BIRD and adding routing protocols. |
| |
|
| # Yes, even shell-like comments work... |
|
| |
|
| # Configure logging |
# Configure logging |
| #log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; | log syslog all; |
| #log stderr all; | # log "/var/log/bird.log" { debug, trace, info, remote, warning, error, auth, fatal, bug }; |
| #log "tmp" all; | |
| |
|
| # Override router ID | # Set router ID. It is a unique identification of your router, usually one of |
| #router id 198.51.100.1; | # IPv4 addresses of the router. It is recommended to configure it explicitly. |
| | # router id 198.51.100.1; |
| |
|
| # You can define your own symbols... | # Turn on global debugging of all protocols (all messages or just selected classes) |
| #define xyzzy = (120+10); | # debug protocols all; |
| #define '1a-a1' = (30+40); | # debug protocols { events, states }; |
| |
|
| # Define a route filter... | # Turn on internal watchdog |
| #filter test_filter { | # watchdog warning 5 s; |
| # if net ~ 10.0.0.0/16 then accept; | # watchdog timeout 30 s; |
| # else reject; | |
| #} | |
| |
|
| #filter sink { reject; } | # You can define your own constants |
| #filter okay { accept; } | # define my_asn = 65000; |
| | # define my_addr = 198.51.100.1; |
| |
|
| #include "filters.conf"; | # Tables master4 and master6 are defined by default |
| | # ipv4 table master4; |
| | # ipv6 table master6; |
| |
|
| # Define another routing table | # Define more tables, e.g. for policy routing or as MRIB |
| #table testable; | # ipv4 table mrib4; |
| | # ipv6 table mrib6; |
| |
|
| # Turn on global debugging of all protocols | # The Device protocol is not a real routing protocol. It does not generate any |
| #debug protocols all; | # routes and it only serves as a module for getting information about network |
| | # interfaces from the kernel. It is necessary in almost any configuration. |
| | protocol device { |
| | } |
| |
|
| # Turn on internal watchdog | # The direct protocol is not a real routing protocol. It automatically generates |
| #watchdog warning 5 s; | # direct routes to all network interfaces. Can exist in as many instances as you |
| #watchdog timeout 30 s; | # wish if you want to populate multiple routing tables with direct routes. |
| | protocol direct { |
| | disabled; # Disable by default |
| | ipv4; # Connect to default IPv4 table |
| | ipv6; # ... and to default IPv6 table |
| | } |
| |
|
| # The direct protocol automatically generates device routes to | # The Kernel protocol is not a real routing protocol. Instead of communicating |
| # all network interfaces. Can exist in as many instances as you wish | # with other routers in the network, it performs synchronization of BIRD |
| # if you want to populate multiple routing tables with device routes. | # routing tables with the OS kernel. One instance per table. |
| #protocol direct { | |
| # interface "-eth*", "*"; # Restrict network interfaces it works with | |
| #} | |
| |
| # This pseudo-protocol performs synchronization between BIRD's routing | |
| # tables and the kernel. If your kernel supports multiple routing tables | |
| # (as Linux 2.2.x does), you can run multiple instances of the kernel | |
| # protocol and synchronize different kernel tables with different BIRD tables. | |
| protocol kernel { |
protocol kernel { |
| # learn; # Learn all alien routes from the kernel | ipv4 { # Connect protocol to IPv4 table by channel |
| persist; # Don't remove routes on bird shutdown | # table master4; # Default IPv4 table is master4 |
| scan time 20; # Scan kernel routing table every 20 seconds | # import all; # Import to table, default is import all |
| # import none; # Default is import all | export all; # Export to protocol. default is export none |
| export all; # Default is export none | }; |
| # kernel table 5; # Kernel table to synchronize with (default: main) | # learn; # Learn alien routes from the kernel |
| | # kernel table 10; # Kernel table to synchronize with (default: main) |
| } |
} |
| |
|
| # This pseudo-protocol watches all interface up/down events. | # Another instance for IPv6, skipping default options |
| protocol device { | protocol kernel { |
| scan time 10; # Scan interfaces every 10 seconds | ipv6 { export all; }; |
| } |
} |
| |
|
| # Static routes (again, there can be multiple instances, so that you | # Static routes (Again, there can be multiple instances, for different address |
| # can disable/enable various groups of static routes on the fly). | # families and to disable/enable various groups of static routes on the fly). |
| protocol static { |
protocol static { |
| # disabled; # Disable by default | ipv4; # Again, IPv4 channel with default options |
| # table testable; # Connect to a non-default table | |
| # preference 1000; # Default preference of routes | # route 0.0.0.0/0 via 198.51.100.10; |
| # debug { states, routes, filters, interfaces, events, packets }; | # route 192.0.2.0/24 blackhole; |
| # debug all; | |
| # route 0.0.0.0/0 via 198.51.100.13; | |
| # route 198.51.100.0/25 unreachable; | |
| # route 10.0.0.0/8 unreachable; |
# route 10.0.0.0/8 unreachable; |
| # route 10.1.1.0:255.255.255.0 via 198.51.100.3; | # route 10.2.0.0/24 via "eth0"; |
| # route 10.1.2.0:255.255.255.0 via 198.51.100.3; | # # Static routes can be defined with optional attributes |
| # route 10.1.3.0:255.255.255.0 via 198.51.100.4; | # route 10.1.1.0/24 via 198.51.100.3 { rip_metric = 3; }; |
| # route 10.2.0.0/24 via "arc0"; | # route 10.1.2.0/24 via 198.51.100.3 { ospf_metric1 = 100; }; |
| | # route 10.1.3.0/24 via 198.51.100.4 { ospf_metric2 = 100; }; |
| } |
} |
| |
|
| # Pipe protocol connects two routing tables... Beware of loops. | # Pipe protocol connects two routing tables. Beware of loops. |
| #protocol pipe { | # protocol pipe { |
| # peer table testable; | # table master4; # No ipv4/ipv6 channel definition like in other protocols |
| # Define what routes do we export to this protocol / import from it. | # peer table mrib4; |
| # import all; # default is all | # import all; # Direction peer table -> table |
| # export all; # default is none | # export all; # Direction table -> peer table |
| # import none; # If you wish to disable imports | # } |
| # import filter test_filter; # Use named filter | |
| # import where source = RTS_DEVICE; # Use explicit filter | |
| #} | |
| |
|
| # RIP aka Rest In Pieces... | # RIP example, both RIP and RIPng are supported |
| #protocol rip MyRIP { # You can also use an explicit name | # protocol rip { |
| # preference xyzzy; | # ipv4 { |
| # debug all; | # # Export direct, static routes and ones from RIP itself |
| # port 1520; | # import all; |
| # period 7; | # export where source ~ [ RTS_DEVICE, RTS_STATIC, RTS_RIP ]; |
| # infinity 16; | |
| # garbage time 60; | |
| # interface "*" { mode broadcast; }; | |
| # honor neighbor; # To whom do we agree to send the routing table | |
| # honor always; | |
| # honor never; | |
| # passwords { | |
| # password "nazdar"; | |
| # }; |
# }; |
| # authentication none; | # interface "eth*" { |
| # import filter { print "importing"; accept; }; | # update time 10; # Default period is 30 |
| # export filter { print "exporting"; accept; }; | # timeout time 60; # Default timeout is 180 |
| #} | # authentication cryptographic; # No authentication by default |
| | # password "hello" { algorithm hmac sha256; }; # Default is MD5 |
| | # }; |
| | # } |
| |
|
| #protocol ospf MyOSPF { | # OSPF example, both OSPFv2 and OSPFv3 are supported |
| # tick 2; | # protocol ospf v3 { |
| # rfc1583compat yes; | # ipv6 { |
| # area 0.0.0.0 { | # import all; |
| # stub no; | # export where source = RTS_STATIC; |
| | # }; |
| | # area 0 { |
| # interface "eth*" { |
# interface "eth*" { |
| # hello 9; | # type broadcast; # Detected by default |
| # retransmit 6; | # cost 10; # Interface metric |
| # cost 10; | # hello 5; # Default hello perid 10 is too long |
| # transmit delay 5; | |
| # dead count 5; | |
| # wait 50; | |
| # type broadcast; | |
| # authentication simple; | |
| # password "pass"; | |
| # }; |
# }; |
| # interface "arc0" { | # interface "tun*" { |
| # rx buffer large; | # type ptp; # PtP mode, avoids DR selection |
| # type nonbroadcast; | # cost 100; # Interface metric |
| # poll 14; | # hello 5; # Default hello perid 10 is too long |
| # dead 75; | |
| # neighbors { | |
| # 10.1.1.2 eligible; | |
| # 10.1.1.4; | |
| # }; | |
| # strict nonbroadcast yes; | |
| # }; |
# }; |
| # interface "xxx0" { | # interface "dummy0" { |
| # passwords { | # stub; # Stub interface, just propagate it |
| # password "abc" { | |
| # id 1; | |
| # generate to "22-04-2003 11:00:06"; | |
| # accept to "17-01-2004 12:01:05"; | |
| # }; | |
| # password "def" { | |
| # id 2; | |
| # generate from "22-04-2003 11:00:07"; | |
| # accept from "17-01-2003 12:01:05"; | |
| # }; | |
| # }; | |
| # authentication cryptographic; | |
| # }; |
# }; |
| # }; |
# }; |
| # area 20 { |
|
| # stub 1; |
|
| # interface "ppp1" { |
|
| # hello 8; |
|
| # authentication none; |
|
| # }; |
|
| # interface "fr*"; |
|
| # virtual link 192.168.0.1 { |
|
| # password "sdsdffsdfg"; |
|
| # authentication cryptographic; |
|
| # }; |
|
| # }; |
|
| #} |
#} |
| |
|
| |
# Define simple filter as an example for BGP import filter |
| |
# See https://gitlab.labs.nic.cz/labs/bird/wikis/BGP_filtering for more examples |
| |
# filter rt_import |
| |
# { |
| |
# if bgp_path.first != 64496 then accept; |
| |
# if bgp_path.len > 64 then accept; |
| |
# if bgp_next_hop != from then accept; |
| |
# reject; |
| |
# } |
| |
|
| #protocol bgp { | # BGP example, explicit name 'uplink1' is used instead of default 'bgp1' |
| # disabled; | # protocol bgp uplink1 { |
| # description "My BGP uplink"; |
# description "My BGP uplink"; |
| # local as 65000; | # local 198.51.100.1 as 65000; |
| # neighbor 198.51.100.130 as 64496; | # neighbor 198.51.100.10 as 64496; |
| # multihop; | # hold time 90; # Default is 240 |
| # hold time 240; | |
| # startup hold time 240; | |
| # connect retry time 120; | |
| # keepalive time 80; # defaults to hold time / 3 | |
| # start delay time 5; # How long do we wait before initial connect | |
| # error wait time 60, 300;# Minimum and maximum time we wait after an error (when consecutive | |
| # # errors occur, we increase the delay exponentially ... | |
| # error forget time 300; # ... until this timeout expires) | |
| # disable after error; # Disable the protocol automatically when an error occurs | |
| # next hop self; # Disable next hop processing and always advertise our local address as nexthop | |
| # path metric 1; # Prefer routes with shorter paths (like Cisco does) | |
| # default bgp_med 0; # MED value we use for comparison when none is defined | |
| # default bgp_local_pref 0; # The same for local preference | |
| # source address 198.51.100.14; # What local address we use for the TCP connection | |
| # password "secret"; # Password used for MD5 authentication |
# password "secret"; # Password used for MD5 authentication |
| # rr client; # I am a route reflector and the neighor is my client | # |
| # rr cluster id 1.0.0.1; # Use this value for cluster id instead of my router id | # ipv4 { # regular IPv4 unicast (1/1) |
| # export where source=RTS_STATIC; | # import filter rt_import; |
| # export filter { | # export where source ~ [ RTS_STATIC, RTS_BGP ]; |
| # if source = RTS_STATIC then { | |
| # bgp_community = -empty-; bgp_community = add(bgp_community,(65000,5678)); | |
| # bgp_origin = 0; | |
| # bgp_community = -empty-; bgp_community.add((65000,5678)); | |
| # if (65000,64501) ~ bgp_community then | |
| # bgp_community.add((0, 1)); | |
| # if bgp_path ~ [= 65000 =] then | |
| # bgp_path.prepend(65000); | |
| # accept; | |
| # } | |
| # reject; | |
| # }; |
# }; |
| #} |
|
| # |
# |
| # Template usage example | # ipv6 { # regular IPv6 unicast (2/1) |
| #template bgp rr_client { | # import filter rt_import; |
| # disabled; | # export filter { # The same as 'where' expression above |
| # local as 65000; | # if source ~ [ RTS_STATIC, RTS_BGP ] |
| # multihop; | # then accept; |
| | # else reject; |
| | # }; |
| | # }; |
| | # |
| | # ipv4 multicast { # IPv4 multicast topology (1/2) |
| | # table mrib4; # explicit IPv4 table |
| | # import filter rt_import; |
| | # export all; |
| | # }; |
| | # |
| | # ipv6 multicast { # IPv6 multicast topology (2/2) |
| | # table mrib6; # explicit IPv6 table |
| | # import filter rt_import; |
| | # export all; |
| | # }; |
| | #} |
| | |
| | # Template example. Using templates to define IBGP route reflector clients. |
| | # template bgp rr_clients { |
| | # local 10.0.0.1 as 65000; |
| | # neighbor as 65000; |
| # rr client; |
# rr client; |
| # rr cluster id 1.0.0.1; |
# rr cluster id 1.0.0.1; |
| #} |
|
| # |
# |
| #protocol bgp rr_abcd from rr_client { | # ipv4 { |
| # neighbor 10.1.4.7 as 65000; | # import all; |
| #} | # export where source = RTS_BGP; |
| | # }; |
| | # |
| | # ipv6 { |
| | # import all; |
| | # export where source = RTS_BGP; |
| | # }; |
| | # } |
| | # |
| | # protocol bgp client1 from rr_clients { |
| | # neighbor 10.0.1.1; |
| | # } |
| | # |
| | # protocol bgp client2 from rr_clients { |
| | # neighbor 10.0.2.1; |
| | # } |
| | # |
| | # protocol bgp client3 from rr_clients { |
| | # neighbor 10.0.3.1; |
| | # } |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to bird.conf CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / elwix / config / etc / default