update example bgpd.conf to use new config language features:

network prefix-set ... and filters with prefix-set ... or-longer.
ok claudio@

diff --git a/etc/examples/bgpd.conf b/etc/examples/bgpd.conf
index bbb8943..63151ad 100644 (file)
--- a/etc/examples/bgpd.conf
+++ b/etc/examples/bgpd.conf
@@ -1,4 +1,4 @@
-# $OpenBSD: bgpd.conf,v 1.12 2018/09/08 08:00:21 claudio Exp $
+# $OpenBSD: bgpd.conf,v 1.13 2018/09/09 12:49:44 benno Exp $
 # example bgpd configuration file, see bgpd.conf(5)
 
 # define our own ASN as a macro
@@ -8,24 +8,16 @@ ASN="65001"
 AS $ASN
 router-id 192.0.2.1
 
-# Generate routes for the networks our ASN will originate.
-# The communities (read 'tags') are later used to match on what
-# is announced to EBGP neighbors
-network 192.0.2.0/24 set large-community $ASN:1:1
-network 2001:db8:abcd::/48 set large-community $ASN:1:1
-
 # list of networks that may be originated by our ASN
 prefix-set mynetworks {                \
        192.0.2.0/24            \
        2001:db8:abcd::/48      \
 }
 
-# this prefix-set is used to protect against accepting
-# hijacks of our own originated address space
-prefix-set mynetworks_orlonger {       \
-       192.0.2.0/24 or-longer          \
-       2001:db8:abcd::/48 or-longer    \
-}
+# Generate routes for the networks our ASN will originate.
+# The communities (read 'tags') are later used to match on what
+# is announced to EBGP neighbors
+network prefix-set mynetworks set large-community $ASN:1:1
 
 # assume simple network with 3 routers in IBGP full mesh
 group "ibgp mesh v4" {
@@ -73,7 +65,7 @@ group "upstreams" {
 allow to ebgp prefix-set mynetworks large-community $ASN:1:1
 
 # deny more-specifics of our own originated prefixes
-deny quick from ebgp prefix-set mynetworks_orlonger
+deny quick from ebgp prefix-set mynetworks or-longer
 
 # IBGP: allow all updates to and from our IBGP neighbors
 allow from ibgp