ops/nixos: drop Google/AS15169 routes from Veloxserv to prefer RouteServer

This commit is contained in:
Luke Granger-Brown 2022-01-01 03:02:55 +00:00
parent bfd08b08cf
commit 8e28b5bbfe
2 changed files with 9 additions and 0 deletions

View file

@ -14,6 +14,7 @@ let
{ {
if ! (avoid_martians4()) then reject; if ! (avoid_martians4()) then reject;
${if ix.remote.must_be_next_hop then "if (bgp_path.first != ${toString ix.remote.asn}) then reject;" else "# no next-hop requirement"} ${if ix.remote.must_be_next_hop then "if (bgp_path.first != ${toString ix.remote.asn}) then reject;" else "# no next-hop requirement"}
${lib.concatMapStringsSep "\n" (asn: "if (bgp_path ~ [= * ${toString asn} * =]) then reject;") ix.remote.drop_asns}
bgp_local_pref = ${toString ix.remote.bgp_local_pref}; bgp_local_pref = ${toString ix.remote.bgp_local_pref};
accept; accept;
} }
@ -23,6 +24,7 @@ let
{ {
if ! (avoid_martians6()) then reject; if ! (avoid_martians6()) then reject;
${if ix.remote.must_be_next_hop then "if (bgp_path.first != ${toString ix.remote.asn}) then reject;" else "# no next-hop requirement"} ${if ix.remote.must_be_next_hop then "if (bgp_path.first != ${toString ix.remote.asn}) then reject;" else "# no next-hop requirement"}
${lib.concatMapStringsSep "\n" (asn: "if (bgp_path ~ [= * ${toString asn} * =]) then reject;") ix.remote.drop_asns}
bgp_local_pref = ${toString ix.remote.bgp_local_pref}; bgp_local_pref = ${toString ix.remote.bgp_local_pref};
accept; accept;
} }
@ -141,6 +143,10 @@ in {
type = bool; type = bool;
default = true; default = true;
}; };
drop_asns = mkOption { # lukegbgp.config.peering.<foo>.remote.drop_asns
type = listOf int;
default = [];
};
bgp_local_pref = mkOption { # lukegbgp.config.peering.<foo>.remote.bgp_local_pref bgp_local_pref = mkOption { # lukegbgp.config.peering.<foo>.remote.bgp_local_pref
type = int; type = int;
default = 100; default = 100;

View file

@ -140,6 +140,9 @@ in
asn = 3170; asn = 3170;
export_community = 4001; export_community = 4001;
bgp_local_pref = 101; bgp_local_pref = 101;
drop_asns = [
15169 # prefer RS to transit
];
routers = [{ routers = [{
v4 = config.my.blade-router.addresses.linknet.v4.remote; v4 = config.my.blade-router.addresses.linknet.v4.remote;
v6 = config.my.blade-router.addresses.linknet.v6.remote; v6 = config.my.blade-router.addresses.linknet.v6.remote;