From 6107aea10cdbfd60ec8012a5dd2ea95813da00ec Mon Sep 17 00:00:00 2001 From: benno Date: Sun, 9 Sep 2018 12:49:44 +0000 Subject: [PATCH] update example bgpd.conf to use new config language features: network prefix-set ... and filters with prefix-set ... or-longer. ok claudio@ --- etc/examples/bgpd.conf | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/etc/examples/bgpd.conf b/etc/examples/bgpd.conf index bbb894397d9..63151ad7492 100644 --- a/etc/examples/bgpd.conf +++ b/etc/examples/bgpd.conf @@ -1,4 +1,4 @@ -# $OpenBSD: bgpd.conf,v 1.12 2018/09/08 08:00:21 claudio Exp $ +# $OpenBSD: bgpd.conf,v 1.13 2018/09/09 12:49:44 benno Exp $ # example bgpd configuration file, see bgpd.conf(5) # define our own ASN as a macro @@ -8,24 +8,16 @@ ASN="65001" AS $ASN router-id 192.0.2.1 -# Generate routes for the networks our ASN will originate. -# The communities (read 'tags') are later used to match on what -# is announced to EBGP neighbors -network 192.0.2.0/24 set large-community $ASN:1:1 -network 2001:db8:abcd::/48 set large-community $ASN:1:1 - # list of networks that may be originated by our ASN prefix-set mynetworks { \ 192.0.2.0/24 \ 2001:db8:abcd::/48 \ } -# this prefix-set is used to protect against accepting -# hijacks of our own originated address space -prefix-set mynetworks_orlonger { \ - 192.0.2.0/24 or-longer \ - 2001:db8:abcd::/48 or-longer \ -} +# Generate routes for the networks our ASN will originate. +# The communities (read 'tags') are later used to match on what +# is announced to EBGP neighbors +network prefix-set mynetworks set large-community $ASN:1:1 # assume simple network with 3 routers in IBGP full mesh group "ibgp mesh v4" { @@ -73,7 +65,7 @@ group "upstreams" { allow to ebgp prefix-set mynetworks large-community $ASN:1:1 # deny more-specifics of our own originated prefixes -deny quick from ebgp prefix-set mynetworks_orlonger +deny quick from ebgp prefix-set mynetworks or-longer # IBGP: allow all updates to and from our IBGP neighbors allow from ibgp -- 2.20.1