AS10779
· 297 words · 2 min readThis is a small network, no external services will be provided.
You can find more information about our network on Hurricane Electric BGP Toolkit.
Peering
Peering (PeeringDB) is open to anyone meeting following criteria:
- All peers must maintain a 24/7 contactable NOC
- We reserve the right to suspend peering for an indefinite period of time for any kind of abuse, DDoS, etc.
- Peers are encouraged to provide access to a Looking Glass to facilitate troubleshooting
- Peers should not point a gateway of last resort or default route directed towards our session
- The use of a mutually agreed BGP session password is encouraged but not required
- All announced routes must be covered by a valid ROA
Nix + Bird2
Since nixpkgs has Bird2 options, it's relatively simple to make a config that can be reused for multiple peers:
{ ... }:
{
services.bird2.config =
let
peer = [
{
name = "<Peer Name>";
asn = "<Peer ASN>";
ipv4 = "<Peer IPv4>";
ipv6 = "<Peer IPv6>";
multihop = "<Multihop>";
password = "<BGP Password>";
}
{ ... }
];
in
''
${lib.concatMapStringsSep "\n" (p: ''
protocol bgp ${p.name}4 {
// own ipv4, asn
graceful restart on;
multihop ${p.multihop};
neighbor ${p.ipv4}
as ${p.asn};
password "${p.password}";
ipv4 {
import filter {
// import filters
accept;
};
export filter {
// export filters
accept;
};
};
}
'') peer}
${lib.concatMapStringsSep "\n" (p: ''
protocol bgp ${p.name}6 {
// own ipv6, asn
graceful restart on;
multihop ${p.multihop};
neighbor ${p.ipv6}
as ${p.asn};
password "${p.password}";
ipv6 {
import filter {
// import filters
accept;
};
export filter {
// export filters
accept;
};
};
}
'') peer}
'';
}