{{ ansible_managed | comment }} log syslog all; router id {{ bird__router_id }}; protocol device { scan time 10; } protocol direct { ipv4; ipv6; } protocol kernel kernel4 { ipv4 { import all; export where source !~ [ RTS_DEVICE, RTS_STATIC ]; }; } protocol kernel kernel6 { ipv6 { import all; export where source !~ [ RTS_DEVICE, RTS_STATIC ]; }; } {% if bird__static_unreachable | ansible.utils.ipv4 %} protocol static unreachable4 { ipv4 { export all; }; {% for route in bird__static_unreachable | ansible.utils.ipv4 %} route {{ route }} unreachable; {% endfor %} } {% endif %} {% if bird__static_unreachable | ansible.utils.ipv6 %} protocol static unreachable6 { ipv6 { export all; }; {% for route in bird__static_unreachable | ansible.utils.ipv6 %} route {{ route }} unreachable; {% endfor %} } {% endif %} {% if bird__ospf_broadcast_interfaces %} protocol ospf v2 ospf4 { ipv4 { import all; export where source ~ [ RTS_STATIC, RTS_DEVICE ]; }; area 0 { {% for network in bird__ospf_stub_networks | ansible.utils.ipv4 %} stubnet {{ network }}; {% endfor %} {% for name, iface in bird__ospf_broadcast_interfaces.items() %} interface {{ name | enquote }} { type broadcast; hello {{ iface.hello | default(bird__ospf_hello) | int }}; retransmit {{ iface.retransmit | default(bird__ospf_retransmit) | int }}; wait {{ iface.wait | default(bird__ospf_wait) | int }}; dead {{ iface.dead | default(bird__ospf_dead) | int }}; }; {% endfor %} {% for name in bird__ospf_stub_interfaces %} interface {{ name | enquote }} { stub; }; {% endfor %} }; } {% endif %} {% if bird__ospf_broadcast_interfaces %} protocol ospf v3 ospf6 { ipv6 { import all; export where source ~ [ RTS_STATIC, RTS_DEVICE ]; }; area 0 { {% for network in bird__ospf_stub_networks | ansible.utils.ipv6 %} stubnet {{ network }}; {% endfor %} {% for name, iface in bird__ospf_broadcast_interfaces.items() %} interface {{ name | enquote }} { type broadcast; hello {{ iface.hello | default(bird__ospf_hello) | int }}; retransmit {{ iface.retransmit | default(bird__ospf_retransmit) | int }}; wait {{ iface.wait | default(bird__ospf_wait) | int }}; dead {{ iface.dead | default(bird__ospf_dead) | int }}; }; {% endfor %} {% for name in bird__ospf_stub_interfaces %} interface {{ name | enquote }} { stub; }; {% endfor %} }; } {% endif %} {% for session in bird__bgp_sessions %} {% for local_address in session.local.address %} {% set version = local_address | ansible.utils.ipaddr(query="version") %} {% set remote_address = session.remote.address | ansible.utils.ipaddr(version=version) | first %} protocol bgp bgp_{{ session.name }}{{ version }} { local {{ local_address }} as {{ session.local.as }}; neighbor {{ remote_address }} as {{ session.remote.as }}; {{ "ipv4" if version == 4 else "ipv6" }} { import filter { {% for pref in session.import.local_pref | default([]) %} {% set networks = pref.prefix | default([]) | ansible.utils.ipaddr(version=version) | map("suffix", pref.sub | default(False) | ternary("+", "")) %} {% set operator = pref.negate | default(False) | ternary("!~", "~") %} {% if networks %} if net {{ operator }} [ {{ networks | join(", ") }} ] then { bgp_local_pref = {{ pref.pref | int }}; } {% endif %} {% endfor %} {% if session.import.accept == "all" %} accept; {% else %} {% for accept in session.import.accept | default([]) %} {% set networks = accept.prefix | default([]) | ansible.utils.ipaddr(version=version) | map("suffix", accept.sub | default(False) | ternary("+", "")) %} {% set operator = accept.negate | default(False) | ternary("!~", "~") %} {% if networks %} if net {{ operator }} [ {{ networks | join(",") }} ] then accept; {% endif %} {% endfor %} reject; {% endif %} }; export filter { {% for prepend in session.export.as_prepend | default([]) %} {% set networks = prepend.prefix | default([]) | ansible.utils.ipaddr(version=version) | map("suffix", prepend.sub | default(False) | ternary("+", "")) %} {% set operator = prepend.negate | default(False) | ternary("!~", "~") %} {% if networks %} if net {{ operator }} [ {{ networks | join(", ") }} ] then { {% for _ in range(prepend.size) %} bgp_path.prepend({{ session.local.as }}); {% endfor %} } {% endif %} {% endfor %} {% if session.export.accept == "all" %} accept; {% else %} {% for accept in session.export.accept | default([]) %} {% set networks = accept.prefix | default([]) | ansible.utils.ipaddr(version=version) | map("suffix", accept.sub | default(False) | ternary("+", "")) %} {% set operator = accept.negate | default(False) | ternary("!~", "~") %} {% if networks %} if net {{ operator }} [ {{ networks | join(", ") }} ] then accept; {% endif %} {% endfor %} reject; {% endif %} }; }; } {% endfor %} {% endfor %} {% if bird__radv_interfaces %} protocol radv { {% for name, iface in bird__radv_interfaces.items() %} interface {{ name | enquote }} { max ra interval {{ bird__radv_max_interval | int }}; {% for prefix in iface.prefix | default([]) %} prefix {{ prefix | ipaddr }}; {% endfor %} {% for domain in iface.domain_search | default([]) %} dnssl {{ domain | enquote }}; {% endfor %} }; {% endfor %} {% for address in bird__radv_dns_servers %} rdnss {{ address | ipaddr }}; {% endfor %} } {% endif %}