bird.conf.example 6.02 KB
Newer Older
1 2 3 4 5 6 7
# This is a basic configuration file, which contains boilerplate options and
# some basic examples. It allows the BIRD daemon to start but will not cause
# anything else to happen.
#
# Please refer to the BIRD User's Guide documentation, which is also available
# online at http://bird.network.cz/ in HTML format, for more information on
# configuring BIRD and adding routing protocols.
8

Martin Mareš's avatar
Martin Mareš committed
9
# Configure logging
10 11
log syslog all;
# log "/var/log/bird.log" { debug, trace, info, remote, warning, error, auth, fatal, bug };
12

13 14 15
# Set router ID. It is a unique identification of your router, usually one of
# IPv4 addresses of the router. It is recommended to configure it explicitly.
# router id 198.51.100.1;
16

17 18 19
# Turn on global debugging of all protocols (all messages or just selected classes)
# debug protocols all;
# debug protocols { events, states };
20

21 22 23
# Turn on internal watchdog
# watchdog warning 5 s;
# watchdog timeout 30 s;
Martin Mareš's avatar
Martin Mareš committed
24

25 26 27
# You can define your own constants
# define my_asn = 65000;
# define my_addr = 198.51.100.1;
28

29 30 31
# Tables master4 and master6 are defined by default
# ipv4 table master4;
# ipv6 table master6;
32

33 34 35
# Define more tables, e.g. for policy routing or as MRIB
# ipv4 table mrib4;
# ipv6 table mrib6;
36

37 38 39 40 41
# The Device protocol is not a real routing protocol. It does not generate any
# routes and it only serves as a module for getting information about network
# interfaces from the kernel. It is necessary in almost any configuration.
protocol device {
}
42

43 44 45 46 47 48 49 50
# The direct protocol is not a real routing protocol. It automatically generates
# direct routes to all network interfaces. Can exist in as many instances as you
# wish if you want to populate multiple routing tables with direct routes.
protocol direct {
	disabled;		# Disable by default
	ipv4;			# Connect to default IPv4 table
	ipv6;			# ... and to default IPv6 table
}
51

52 53 54
# The Kernel protocol is not a real routing protocol. Instead of communicating
# with other routers in the network, it performs synchronization of BIRD
# routing tables with the OS kernel. One instance per table.
55
protocol kernel {
56 57 58 59 60 61 62
	ipv4 {			# Connect protocol to IPv4 table by channel
#	      table master4;	# Default IPv4 table is master4
#	      import all;	# Import to table, default is import all
	      export all;	# Export to protocol. default is export none
	};
#	learn;			# Learn alien routes from the kernel
#	kernel table 10;	# Kernel table to synchronize with (default: main)
63
}
64

65 66 67
# Another instance for IPv6, skipping default options
protocol kernel {
	ipv6 { export all; };
68 69
}

70 71
# Static routes (Again, there can be multiple instances, for different address
# families and to disable/enable various groups of static routes on the fly).
72
protocol static {
73 74 75 76
	ipv4;			# Again, IPv4 channel with default options

#	route 0.0.0.0/0 via 198.51.100.10;
#	route 192.0.2.0/24 blackhole;
77
#	route 10.0.0.0/8 unreachable;
78 79 80 81 82
#	route 10.2.0.0/24 via "eth0";
#	# Static routes can be defined with optional attributes
#	route 10.1.1.0/24 via 198.51.100.3 { rip_metric = 3; };
#	route 10.1.2.0/24 via 198.51.100.3 { ospf_metric1 = 100; };
#	route 10.1.3.0/24 via 198.51.100.4 { ospf_metric2 = 100; };
83
}
84

85 86 87 88 89 90 91 92 93 94 95 96 97 98
# Pipe protocol connects two routing tables. Beware of loops.
# protocol pipe {
#	table master4;		# No ipv4/ipv6 channel definition like in other protocols
#	peer table mrib4;
#	import all;		# Direction peer table -> table
#	export all;		# Direction table -> peer table
# }

# RIP example, both RIP and RIPng are supported
# protocol rip {
#	ipv4 {
#		# Export direct, static routes and ones from RIP itself
#		import all;
#		export where source ~ [ RTS_DEVICE, RTS_STATIC, RTS_RIP ];
99
#	};
100 101 102 103 104 105 106
#	interface "eth*" {
#	  	update time 10;			# Default period is 30
#		timeout time 60;		# Default timeout is 180
#		authentication cryptographic;	# No authentication by default
#		password "hello" { algorithm hmac sha256; }; # Default is MD5
#	};
# }
Martin Mareš's avatar
Martin Mareš committed
107

108 109 110 111 112 113 114
# OSPF example, both OSPFv2 and OSPFv3 are supported
# protocol ospf v3 {
#  	ipv6 {
#		import all;
#		export where source = RTS_STATIC;
#	};
#	area 0 {
115
#		interface "eth*" {
116 117 118
#			type broadcast;		# Detected by default
#			cost 10;		# Interface metric
#			hello 5;		# Default hello perid 10 is too long
119
#		};
120 121 122 123
#		interface "tun*" {
#			type ptp;		# PtP mode, avoids DR selection
#			cost 100;		# Interface metric
#			hello 5;		# Default hello perid 10 is too long
124
#		};
125 126
#		interface "dummy0" {
#			stub;			# Stub interface, just propagate it
127 128 129
#		};
#	};
#}
130

131 132 133 134 135 136 137 138 139 140 141 142
# Define simple filter as an example for BGP import filter
# See https://gitlab.labs.nic.cz/labs/bird/wikis/BGP_filtering for more examples
# filter rt_import
# {
#	if bgp_path.first != 64496 then accept;
#	if bgp_path.len > 64 then accept;
#	if bgp_next_hop != from then accept;
#	reject;
# }

# BGP example, explicit name 'uplink1' is used instead of default 'bgp1'
# protocol bgp uplink1 {
143
#	description "My BGP uplink";
144 145 146
#	local 198.51.100.1 as 65000;
#	neighbor 198.51.100.10 as 64496;
#	hold time 90;		# Default is 240
147
#	password "secret";	# Password used for MD5 authentication
148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166
#
#	ipv4 {			# regular IPv4 unicast (1/1)
#		import filter rt_import;
#		export where source ~ [ RTS_STATIC, RTS_BGP ];
#	};
#
#	ipv6 {			# regular IPv6 unicast (2/1)
#		import filter rt_import;
#		export filter {	# The same as 'where' expression above
#			if source ~ [ RTS_STATIC, RTS_BGP ]
#			then accept;
#			else reject;
#		};
#	};
#
#	ipv4 multicast {	# IPv4 multicast topology (1/2)
#		table mrib4;	# explicit IPv4 table
#		import filter rt_import;
#		export all;
Martin Mareš's avatar
Martin Mareš committed
167
#	};
168
#
169 170 171 172 173 174 175 176 177 178 179
#	ipv6 multicast {	# IPv6 multicast topology (2/2)
#		table mrib6;	# explicit IPv6 table
#		import filter rt_import;
#		export all;
#	};
#}

# Template example. Using templates to define IBGP route reflector clients.
# template bgp rr_clients {
#	local 10.0.0.1 as 65000;
#	neighbor as 65000;
180 181 182
#	rr client;
#	rr cluster id 1.0.0.1;
#
183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204
#	ipv4 {
#		import all;
#		export where source = RTS_BGP;
#	};
#
#	ipv6 {
#		import all;
#		export where source = RTS_BGP;
#	};
# }
#
# protocol bgp client1 from rr_clients {
#	neighbor 10.0.1.1;
# }
#
# protocol bgp client2 from rr_clients {
#	neighbor 10.0.2.1;
# }
#
# protocol bgp client3 from rr_clients {
#	neighbor 10.0.3.1;
# }