[bird] Don't export some routes if we announce a /24 that we can route

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-07-26 22:36:41 +02:00 · 2021-07-26 22:36:41 +02:00 · 5ade6fe486
parent 6a66ccd8ca
commit 5ade6fe486
5 changed files with 20 additions and 0 deletions
--- a/host_vars/routeur-daniel.adm.crans.org/bird.yml
+++ b/host_vars/routeur-daniel.adm.crans.org/bird.yml
@ -8,6 +8,8 @@ loc_bird:
    statics:
      - 185.230.78.0/24
      - 185.230.79.0/24
    kernel_filter:
      - 185.230.78.0/24
    bgps:
      - name: viarezo
        allow_local_as: 1
--- a/host_vars/routeur-jack.adm.crans.org/bird.yml
+++ b/host_vars/routeur-jack.adm.crans.org/bird.yml
@ -8,6 +8,8 @@ loc_bird:
    statics:
      - 185.230.78.0/24
      - 185.230.79.0/24
    kernel_filter:
      - 185.230.78.0/24
    bgps:
      - name: viarezo
        allow_local_as: 1
--- a/host_vars/routeur-sam.adm.crans.org/bird.yml
+++ b/host_vars/routeur-sam.adm.crans.org/bird.yml
@ -8,6 +8,8 @@ loc_bird:
    statics:
      - 185.230.78.0/24
      - 185.230.79.0/24
    kernel_filter:
      - 185.230.78.0/24
    bgps:
      - name: viarezo
        allow_local_as: 1
--- a/roles/bird/templates/bird/bird.conf.j2
+++ b/roles/bird/templates/bird/bird.conf.j2
@ -23,7 +23,14 @@ protocol kernel {
 #	persist;
 	scan time 60;
 	import none;
 {% if bird.ipv4.kernel_filter is defined %}
 	export filter {
 		if ( net ~ [ {{ bird.ipv4.kernel_filter|join(', ') }} ] ) then reject;
 		accept;
 	};
 {% else %}
 	export all;
 {% endif %}
 }
 # The Device protocol is not a real routing protocol. It doesn't generate any
--- a/roles/bird/templates/bird/bird6.conf.j2
+++ b/roles/bird/templates/bird/bird6.conf.j2
@ -22,7 +22,14 @@ protocol kernel {
 #	persist;
 	scan time 60;
 	import none;
 {% if bird.ipv6.kernel_filter is defined %}
 	export filter {
 		if ( net ~ [ {{ bird.ipv6.kernel_filter|join(', ') }} ] ) then reject;
 		accept;
 	};
 {% else %}
 	export all;
 {% endif %}
 }
 # The Device protocol is not a real routing protocol. It doesn't generate any