Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen der Seite angezeigt.

--- notiz:bird2-debian-buster-installieren [2020/11/17 22:15] – clerie
+++ notiz:bird2-debian-buster-installieren [2020/11/18 22:18] (aktuell) – [bird2 bauen und installieren] clerie
@@ Zeile 12: / Zeile 12: @@
 wget https://bird.network.cz/download/bird-2.0.7.tar.gz
 tar -xf bird-2.0.7.tar.gz
-ls -al
 cd bird-2.0.7/
 ./configure
@@ Zeile 26: / Zeile 25: @@
 <code - /etc/systemd/system/bird.service>
+[Unit]
+Description=BIRD Internet Routing Daemon
+After=network.target
+[Service]
+ExecStartPre=/usr/local/sbin/bird -p
+ExecReload=/usr/local/sbin/birdc configure
+ExecStart=/usr/local/sbin/bird -f -u bird -g bird
+Restart=on-abort
+[Install]
+WantedBy=multi-user.target
 </code>
-<code - bash>
+<code bash>
 systemctl enable --now bird
 </code>
@@ Zeile 35: / Zeile 46: @@
 <code - /usr/local/etc/bird.conf>
+router id 192.168.10.26;
+ipv6 table ospf6;
+ipv6 table bgp6;
+protocol direct {
+        interface "ens20";
+        ipv6 {
+                table ospf6;
+        };
+}
+protocol static {
+        ipv6 {
+                table bgp6;
+        };
+        route fd56:4902:eca0::/48 via "lo";
+        route fd56:4902:eca0::/52 via "lo";
+}
+protocol kernel {
+        ipv6 {
+                table ospf6;
+                export filter {
+                        krt_prefsrc=fd56:4902:eca0:6::1;
+                        accept;
+                };
+                import none;
+        };
+        kernel table 1337;
+}
+protocol kernel {
+        ipv6 {
+                table bgp6;
+                export filter {
+                        krt_prefsrc=fd56:4902:eca0:6::1;
+                        accept;
+                };
+                import none;
+        };
+        kernel table 2342;
+}
+protocol ospf v3 {
+        ipv6 {
+                table ospf6;
+                import all;
+                export all;
+        };
+        area 0 {
+                interface "ens19" {
+                        cost 80;
+                };
+        };
+}
+protocol bgp gw5 {
+        local as 4242422574;
+        graceful restart on;
+        neighbor fd56:4902:eca0:5::1 as 4242422574;
+        source address fd56:4902:eca0:6::1;
+        ipv6 {
+                table bgp6;
+                igp table ospf6;
+                next hop self;
+                import keep filtered;
+                import all;
+                export all;
+        };
+}
+protocol bgp peer_nex {
+        local as 4242422574;
+        graceful restart on;
+        neighbor fd9b:37f7:faf7:3001::2 as 4242423012;
+        source address fd9b:37f7:faf7:3001::6;
+        ipv6 {
+                table bgp6;
+                igp table ospf6;
+                next hop self;
+                import keep filtered;
+                import filter {
+                        if net ~ [fd00::/8{8,64}] then accept;
+                        reject;
+                };
+                export filter {
+                        #if net ~ [fd9b:37f7:faf7:3001::/64] then reject;
+                        if net ~ [fd00::/8{8,64}] then accept;
+                        reject;
+                };
+        };
+}
+protocol device {
+        scan time 10;
+}
 </code>
+===== forwarding aktivieren =====
+<code /etc/sysctl.conf>
+net.ipv4.ip_forward=1
+net.ipv6.conf.all.forwarding=1
+</code>
+<code bash>
+systemctl restart systemd-sysctl
+</code>
+===== policy based Routing einrichten =====
+<code - /etc/network/if-up.d/bird>
+#!/bin/bash
+ip -6 rule flush
+ip -6 rule add lookup main prio 32000
+ip -6 rule add from all to fd56:4902:eca0::/48 lookup 1337 prio 10000
+#ip -6 rule add from fd56:4902:eca0::/48 to all lookup 2342 prio 10000
+ip -6 rule add from all to all lookup 2342 prio 10000
+ip -6 rule add from all to fd56:4902:eca0::/48 unreachable prio 20000
+ip -6 rule add from fd56:4902:eca0::/48 to all unreachable prio 20000
+</code>
+<code bash>
+chmod +x /etc/network/if-up.d/bird
+/etc/network/if-up.d/bird
+</code>