MàJ configuration pour version >= 6.4
This commit is contained in:
parent
bec03a93d6
commit
c681646e99
|
@ -93,17 +93,27 @@ listen on 10.0.0.2
|
|||
holdtime 180
|
||||
holdtime min 3
|
||||
fib-update yes
|
||||
network 192.0.32.0/24
|
||||
|
||||
# List of networks that may be originated by our ASN
|
||||
prefix-set mynetworks { \
|
||||
192.0.32.0/24 \
|
||||
}
|
||||
|
||||
# Generate routes for the networks our ASN will originate.
|
||||
network prefix-set mynetworks
|
||||
|
||||
|
||||
group "peering AS65002" {
|
||||
remote-as 65002
|
||||
neighbor 10.0.0.3 {
|
||||
descr "AS 65002 peer 1"
|
||||
announce all
|
||||
tcp md5sig password mekmitasdigoat
|
||||
}
|
||||
}
|
||||
|
||||
# Outbound EBGP: allow self originated networks to ebgp peers
|
||||
allow to ebgp prefix-set mynetworks
|
||||
|
||||
deny from any
|
||||
allow from any inet prefixlen 8 - 24
|
||||
~~~
|
||||
|
@ -117,21 +127,32 @@ listen on 10.0.0.3
|
|||
holdtime 180
|
||||
holdtime min 3
|
||||
fib-update yes
|
||||
network 192.0.33.0/24
|
||||
|
||||
# List of networks that may be originated by our ASN
|
||||
prefix-set mynetworks { \
|
||||
192.0.33.0/24 \
|
||||
}
|
||||
|
||||
# Generate routes for the networks our ASN will originate.
|
||||
network prefix-set mynetworks
|
||||
|
||||
group "peering AS65001" {
|
||||
remote-as 65001
|
||||
neighbor 10.0.0.2 {
|
||||
descr "AS 65001 peer 1"
|
||||
announce all
|
||||
tcp md5sig password mekmitasdigoat
|
||||
}
|
||||
}
|
||||
|
||||
# Outbound EBGP: allow self originated networks to ebgp peers
|
||||
allow to ebgp prefix-set mynetworks
|
||||
|
||||
deny from any
|
||||
allow from any inet prefixlen 8 - 24
|
||||
~~~
|
||||
|
||||
Note : la directive `allow to ebgp prefix-set mynetworks` est nécessaire à partir d'OpenBSD 6.4 où les directives `announce (all|none|self|default-route)` n'existent plus. Par défaut, rien n'est envoyé et il faut explicitement indiquer quels préfixes autoriser.
|
||||
|
||||
## Utilisation (observer)
|
||||
|
||||
### Pour voir les réseaux annoncés
|
||||
|
|
Loading…
Reference in a new issue