MàJ configuration pour version >= 6.4
This commit is contained in:
jdubois
parent
bec03a93d6
commit
c681646e99
|
|
@ -93,17 +93,27 @@ listen on 10.0.0.2
|
||||||
holdtime 180
|
holdtime 180
|
||||||
holdtime min 3
|
holdtime min 3
|
||||||
fib-update yes
|
fib-update yes
|
||||||
network 192.0.32.0/24
|
|
||||||
|
# List of networks that may be originated by our ASN
|
||||||
|
prefix-set mynetworks { \
|
||||||
|
192.0.32.0/24 \
|
||||||
|
}
|
||||||
|
|
||||||
|
# Generate routes for the networks our ASN will originate.
|
||||||
|
network prefix-set mynetworks
|
||||||
|
|
||||||
|
|
||||||
group "peering AS65002" {
|
group "peering AS65002" {
|
||||||
remote-as 65002
|
remote-as 65002
|
||||||
neighbor 10.0.0.3 {
|
neighbor 10.0.0.3 {
|
||||||
descr "AS 65002 peer 1"
|
descr "AS 65002 peer 1"
|
||||||
announce all
|
|
||||||
tcp md5sig password mekmitasdigoat
|
tcp md5sig password mekmitasdigoat
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Outbound EBGP: allow self originated networks to ebgp peers
|
||||||
|
allow to ebgp prefix-set mynetworks
|
||||||
|
|
||||||
deny from any
|
deny from any
|
||||||
allow from any inet prefixlen 8 - 24
|
allow from any inet prefixlen 8 - 24
|
||||||
~~~
|
~~~
|
||||||
|
|
@ -117,21 +127,32 @@ listen on 10.0.0.3
|
||||||
holdtime 180
|
holdtime 180
|
||||||
holdtime min 3
|
holdtime min 3
|
||||||
fib-update yes
|
fib-update yes
|
||||||
network 192.0.33.0/24
|
|
||||||
|
# List of networks that may be originated by our ASN
|
||||||
|
prefix-set mynetworks { \
|
||||||
|
192.0.33.0/24 \
|
||||||
|
}
|
||||||
|
|
||||||
|
# Generate routes for the networks our ASN will originate.
|
||||||
|
network prefix-set mynetworks
|
||||||
|
|
||||||
group "peering AS65001" {
|
group "peering AS65001" {
|
||||||
remote-as 65001
|
remote-as 65001
|
||||||
neighbor 10.0.0.2 {
|
neighbor 10.0.0.2 {
|
||||||
descr "AS 65001 peer 1"
|
descr "AS 65001 peer 1"
|
||||||
announce all
|
|
||||||
tcp md5sig password mekmitasdigoat
|
tcp md5sig password mekmitasdigoat
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Outbound EBGP: allow self originated networks to ebgp peers
|
||||||
|
allow to ebgp prefix-set mynetworks
|
||||||
|
|
||||||
deny from any
|
deny from any
|
||||||
allow from any inet prefixlen 8 - 24
|
allow from any inet prefixlen 8 - 24
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
|
Note : la directive `allow to ebgp prefix-set mynetworks` est nécessaire à partir d'OpenBSD 6.4 où les directives `announce (all|none|self|default-route)` n'existent plus. Par défaut, rien n'est envoyé et il faut explicitement indiquer quels préfixes autoriser.
|
||||||
|
|
||||||
## Utilisation (observer)
|
## Utilisation (observer)
|
||||||
|
|
||||||
### Pour voir les réseaux annoncés
|
### Pour voir les réseaux annoncés
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue