ansible/roles/bird/templates/bird.conf.j2

{{ ansible_managed | comment }}

log syslog all;

router id {{ bird__router_id }};

protocol device {
    scan time 10;
}

protocol direct {
    ipv4;
    ipv6;
}

protocol kernel kernel4 {
    ipv4 {
        import all;
        export where source != RTS_DEVICE;
    };
}

protocol kernel kernel6 {
    ipv6 {
        import all;
        export where source != RTS_DEVICE;
    };
}


{% if bird__static_unreachable | ansible.utils.ipv4 %}
protocol static unreachable4 {
	ipv4 {
		export all;
	};
{% for route in bird__static_unreachable | ansible.utils.ipv4 %}
	route {{ route }} unreachable;
{% endfor %}
}
{% endif %}

{% if bird__static_unreachable | ansible.utils.ipv6 %}
protocol static unreachable6 {
	ipv6 {
		export all;
	};
{% for route in bird__static_unreachable | ansible.utils.ipv6 %}
	route {{ route }} unreachable;
{% endfor %}
}
{% endif %}

protocol ospf v2 ospf4 {

    ipv4 {
        import all;
        export where source ~ [ RTS_STATIC, RTS_DEVICE ];
    };

    area 0 {
{% for name, iface in bird__ospf_broadcast_interfaces.items() %}
        interface {{ name | enquote }} {
            type broadcast;
            hello {{ iface.hello | default(bird__ospf_hello) | int }};
            retransmit {{ iface.retransmit
                          | default(bird__ospf_retransmit)
                          | int }};
            wait {{ iface.wait | default(bird__ospf_wait) | int }};
            dead {{ iface.dead | default(bird__ospf_dead) | int }};
        };
{% endfor %}
{% for name in bird__ospf_stub_interfaces %}
        interface {{ name | enquote }} {
            stub;
        };
{% endfor %}
    };

}

protocol ospf v3 ospf6 {

    ipv6 {
        import all;
        export where source ~ [ RTS_STATIC, RTS_DEVICE ];
    };

    area 0 {
{% for name, iface in bird__ospf_broadcast_interfaces.items() %}
        interface {{ name | enquote }} {
            type broadcast;
            hello {{ iface.hello | default(bird__ospf_hello) | int }};
            retransmit {{ iface.retransmit
                          | default(bird__ospf_retransmit)
                          | int }};
            wait {{ iface.wait | default(bird__ospf_wait) | int }};
            dead {{ iface.dead | default(bird__ospf_dead) | int }};
        };
{% endfor %}
{% for name in bird__ospf_stub_interfaces %}
        interface {{ name | enquote }} {
            stub;
        };
{% endfor %}
    };

}

{% for session in bird__bgp_sessions %}
protocol bgp {{ session.name }} {

    local as {{ session.local.as }};
    source address {{ session.local.address }};
    neighbor {{ session.remote.address }} as {{ session.remote.as }};

    ipv4 {
        import filter {
{%  for pref in session.import.local_pref | default([]) %}
{%
     set networks =
         pref.prefix
         | product("+" if pref.sub else "")
         | map("join")
         | join(", ")
%}
{%   set operator = '!~' if pref.negate | default(False) else '~' %}
            if (net {{ operator }} [ {{ networks }} ]) then {
                bgp_local_pref = {{ pref.pref | int }};
            }
{%  endfor %}
{%  if session.import.accept == "all" %}
            accept;
{%  else %}
{%   for accept in session.import.accept | default([]) %}
{%
      set networks =
          accept.prefix
          | product("+" if accept.sub else "")
          | map("join")
          | join(", ")
%}
{%    set operator = '!~' if accept.negate | default(False) else '~' %}
            if (net {{ operator }} [ {{ networks }} ]) then accept;
{%   endfor %}
            reject;
{%  endif %}
        };
        export filter {
{%  for prepend in session.export.as_prepend | default([]) %}
{%
     set networks =
         prepend.prefix
         | product("+" if prepend.sub else "")
         | map("join")
         | join(", ")
%}
{%   set operator = '!~' if prepend.negate | default(False) else '~' %}
            if (net {{ operator }} [ {{ networks }} ]) then {
{%   for _ in range(prepend.size) %}
                bgp_path.prepend({{ session.local.as }});
{%   endfor %}
            }
{%  endfor %}
{%  if session.export.accept == "all" %}
            accept;
{%  else %}
{%   for accept in session.export.accept | default([]) %}
{%
      set networks =
          accept.prefix
          | product("+" if accept.sub else "")
          | map("join")
          | join(", ")
%}
{%    set operator = '!~' if accept.negate | default(False) else '~' %}
            if (net {{ operator }} [ {{ networks }} ]) then accept;
{%   endfor %}
            reject;
{%  endif %}
        };
    };

}

{% endfor %}

{% if bird__radv_interfaces %}
protocol radv {

{% for name, iface in bird__radv_interfaces.items() %}
    interface {{ name | enquote }} {
        max ra interval {{ bird__radv_max_interval | int }};
{% for prefix in iface.prefix | default([]) %}
        prefix {{ prefix | ipaddr }};
{% endfor %}
{% for domain in iface.domain_search | default([]) %}
        dnssl {{ domain | enquote }};
{% endfor %}
    };
{% endfor %}

{% for address in bird__radv_dns_servers %}
    rdnss {{ address | ipaddr }};
{% endfor %}

}
{% endif %}
bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00			`{{ ansible_managed \| comment }}`

			`log syslog all;`

			`router id {{ bird__router_id }};`

			`protocol device {`
			`scan time 10;`
			`}`

bird: prevent duplicate rules 2022-09-04 07:40:51 +02:00			`protocol direct {`
			`ipv4;`
			`ipv6;`
			`}`

			`protocol kernel kernel4 {`
bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00			`ipv4 {`
			`import all;`
bird: prevent duplicate rules 2022-09-04 07:40:51 +02:00			`export where source != RTS_DEVICE;`
bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00			`};`
			`}`

bird: prevent duplicate rules 2022-09-04 07:40:51 +02:00			`protocol kernel kernel6 {`
bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00			`ipv6 {`
			`import all;`
bird: prevent duplicate rules 2022-09-04 07:40:51 +02:00			`export where source != RTS_DEVICE;`
bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00			`};`
			`}`

bird: add minimal BGP support 2022-12-21 16:39:28 +01:00
			`{% if bird__static_unreachable \| ansible.utils.ipv4 %}`
			`protocol static unreachable4 {`
			`ipv4 {`
			`export all;`
			`};`
			`{% for route in bird__static_unreachable \| ansible.utils.ipv4 %}`
			`route {{ route }} unreachable;`
			`{% endfor %}`
			`}`
			`{% endif %}`

			`{% if bird__static_unreachable \| ansible.utils.ipv6 %}`
			`protocol static unreachable6 {`
			`ipv6 {`
			`export all;`
			`};`
			`{% for route in bird__static_unreachable \| ansible.utils.ipv6 %}`
			`route {{ route }} unreachable;`
			`{% endfor %}`
			`}`
			`{% endif %}`

bird: prevent duplicate rules 2022-09-04 07:40:51 +02:00			`protocol ospf v2 ospf4 {`
bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00
			`ipv4 {`
			`import all;`
bird: prevent duplicate rules 2022-09-04 07:40:51 +02:00			`export where source ~ [ RTS_STATIC, RTS_DEVICE ];`
bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00			`};`

			`area 0 {`
			`{% for name, iface in bird__ospf_broadcast_interfaces.items() %}`
			`interface {{ name \| enquote }} {`
			`type broadcast;`
			`hello {{ iface.hello \| default(bird__ospf_hello) \| int }};`
			`retransmit {{ iface.retransmit`
			`\| default(bird__ospf_retransmit)`
			`\| int }};`
			`wait {{ iface.wait \| default(bird__ospf_wait) \| int }};`
			`dead {{ iface.dead \| default(bird__ospf_dead) \| int }};`
			`};`
			`{% endfor %}`
			`{% for name in bird__ospf_stub_interfaces %}`
			`interface {{ name \| enquote }} {`
			`stub;`
			`};`
			`{% endfor %}`
			`};`

			`}`

bird: prevent duplicate rules 2022-09-04 07:40:51 +02:00			`protocol ospf v3 ospf6 {`
bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00
			`ipv6 {`
			`import all;`
bird: prevent duplicate rules 2022-09-04 07:40:51 +02:00			`export where source ~ [ RTS_STATIC, RTS_DEVICE ];`
bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00			`};`

			`area 0 {`
			`{% for name, iface in bird__ospf_broadcast_interfaces.items() %}`
			`interface {{ name \| enquote }} {`
			`type broadcast;`
			`hello {{ iface.hello \| default(bird__ospf_hello) \| int }};`
			`retransmit {{ iface.retransmit`
			`\| default(bird__ospf_retransmit)`
			`\| int }};`
			`wait {{ iface.wait \| default(bird__ospf_wait) \| int }};`
			`dead {{ iface.dead \| default(bird__ospf_dead) \| int }};`
			`};`
			`{% endfor %}`
			`{% for name in bird__ospf_stub_interfaces %}`
			`interface {{ name \| enquote }} {`
			`stub;`
			`};`
			`{% endfor %}`
			`};`

			`}`

bird: add minimal BGP support 2022-12-21 16:39:28 +01:00			`{% for session in bird__bgp_sessions %}`
			`protocol bgp {{ session.name }} {`

			`local as {{ session.local.as }};`
			`source address {{ session.local.address }};`
			`neighbor {{ session.remote.address }} as {{ session.remote.as }};`

			`ipv4 {`
			`import filter {`
			`{% for pref in session.import.local_pref \| default([]) %}`
			`{%`
			`set networks =`
			`pref.prefix`
			`\| product("+" if pref.sub else "")`
			`\| map("join")`
			`\| join(", ")`
			`%}`
			`{% set operator = '!~' if pref.negate \| default(False) else '~' %}`
			`if (net {{ operator }} [ {{ networks }} ]) then {`
			`bgp_local_pref = {{ pref.pref \| int }};`
			`}`
			`{% endfor %}`
			`{% if session.import.accept == "all" %}`
			`accept;`
			`{% else %}`
			`{% for accept in session.import.accept \| default([]) %}`
			`{%`
			`set networks =`
			`accept.prefix`
			`\| product("+" if accept.sub else "")`
			`\| map("join")`
			`\| join(", ")`
			`%}`
			`{% set operator = '!~' if accept.negate \| default(False) else '~' %}`
			`if (net {{ operator }} [ {{ networks }} ]) then accept;`
			`{% endfor %}`
			`reject;`
			`{% endif %}`
			`};`
			`export filter {`
			`{% for prepend in session.export.as_prepend \| default([]) %}`
			`{%`
			`set networks =`
			`prepend.prefix`
			`\| product("+" if prepend.sub else "")`
			`\| map("join")`
			`\| join(", ")`
			`%}`
			`{% set operator = '!~' if prepend.negate \| default(False) else '~' %}`
			`if (net {{ operator }} [ {{ networks }} ]) then {`
			`{% for _ in range(prepend.size) %}`
			`bgp_path.prepend({{ session.local.as }});`
			`{% endfor %}`
			`}`
			`{% endfor %}`
			`{% if session.export.accept == "all" %}`
			`accept;`
			`{% else %}`
			`{% for accept in session.export.accept \| default([]) %}`
			`{%`
			`set networks =`
			`accept.prefix`
			`\| product("+" if accept.sub else "")`
			`\| map("join")`
			`\| join(", ")`
			`%}`
			`{% set operator = '!~' if accept.negate \| default(False) else '~' %}`
			`if (net {{ operator }} [ {{ networks }} ]) then accept;`
			`{% endfor %}`
			`reject;`
			`{% endif %}`
			`};`
			`};`

			`}`

			`{% endfor %}`

bird: add role + playbook, with support for OSPF + RAdv 2022-09-03 03:44:31 +02:00			`{% if bird__radv_interfaces %}`
			`protocol radv {`

			`{% for name, iface in bird__radv_interfaces.items() %}`
			`interface {{ name \| enquote }} {`
			`max ra interval {{ bird__radv_max_interval \| int }};`
			`{% for prefix in iface.prefix \| default([]) %}`
			`prefix {{ prefix \| ipaddr }};`
			`{% endfor %}`
			`{% for domain in iface.domain_search \| default([]) %}`
			`dnssl {{ domain \| enquote }};`
			`{% endfor %}`
			`};`
			`{% endfor %}`

			`{% for address in bird__radv_dns_servers %}`
			`rdnss {{ address \| ipaddr }};`
			`{% endfor %}`

			`}`
			`{% endif %}`