From 4939f6adbd318ef6d09f6a5ede73674754912240 Mon Sep 17 00:00:00 2001 From: Maxime Hillebrand-Lambert Date: Fri, 21 May 2021 15:43:01 +0000 Subject: [PATCH] add-upstream-21052021 --- configuration | 200 ++++++++++++++++++++++++++++++++++---------------- 1 file changed, 137 insertions(+), 63 deletions(-) diff --git a/configuration b/configuration index 8023d42..b9dcd89 100644 --- a/configuration +++ b/configuration @@ -1,4 +1,4 @@ - interfaces { +interfaces { ethernet eth0 { address 5.196.146.57/24 } @@ -45,19 +45,19 @@ source-address 5.196.146.57 } tunnel tun5 { - address 185.1.125.54/24 - address 2001:7f8:d0::3:3f14:1/48 - description "IX - 4IXP" - encapsulation gretap - remote 195.48.40.110 + address 2a0e:97c0:210::212:224:262/126 + description "Upstream - C1VHosting" + encapsulation gre + multicast disable + remote 152.89.170.250 source-address 5.196.146.57 } - tunnel tun6 { - address 2001:678:4fc::92:159/64 - address 5.101.92.159/22 - description "IX - LL IX" + tunnel tun7 { + address 2a0e:46c4:102::212:756:1/64 + description "IX - PyramIX" encapsulation gretap - remote 46.148.124.1 + multicast disable + remote 91.201.67.183 source-address 5.196.146.57 } tunnel tun10 { @@ -65,7 +65,7 @@ description "Core - Mar1" encapsulation gre multicast disable - remote IP + remote MAR1 source-address 5.196.146.57 } tunnel tun11 { @@ -73,7 +73,7 @@ description "Core - Mar2" encapsulation gre multicast disable - remote IP + remote MAR2 source-address 5.196.146.57 } tunnel tun12 { @@ -81,9 +81,18 @@ description "Core - MAR3" encapsulation gre multicast disable - remote IP + remote MAR3 source-address 5.196.146.57 } + vxlan vxlan0 { + address 185.1.125.54/24 + address 2001:7f8:d0::3:3f14:1/48 + mtu 1500 + port 4789 + remote 195.48.40.110 + source-address 5.196.146.57 + vni 75 + } } policy { prefix-list6 as212756 { @@ -101,6 +110,65 @@ prefix ::/0 } } + prefix-list6 as212756-cust { + description "as212756 - All Out Prefix + Cust" + rule 10 { + action permit + prefix 2a0c:b641:4c0::/44 + } + rule 20 { + action permit + prefix 2a0e:b107:fa0::/44 + } + rule 40 { + action deny + prefix ::/0 + } + } + prefix-list6 defaultroute { + rule 10 { + action permit + prefix ::/0 + } + } + route-map ROUTES-IN { + rule 10 { + action permit + match { + rpki valid + } + set { + local-preference 300 + } + } + rule 20 { + action permit + match { + rpki notfound + } + set { + local-preference 125 + } + } + rule 30 { + action deny + match { + rpki invalid + } + } + } + route-map defaultroute { + rule 10 { + action permit + match { + ipv6 { + address { + prefix-list defaultroute + } + } + } + } + } } protocols { bgp 212756 { @@ -110,21 +178,21 @@ } } } - neighbor 2a0c:9a40:100f:4c1::1 { + neighbor 185.44.81.150 { address-family { - ipv6-unicast { - prefix-list { - export as212756 + ipv4-unicast { + soft-reconfiguration { + inbound } + } + ipv6-unicast { soft-reconfiguration { inbound } } } - description "Upstream - iFog" ebgp-multihop 255 - remote-as 34927 - shutdown + remote-as 212504 } neighbor 2a0c:b641:4c0:8::1:2 { address-family { @@ -180,6 +248,51 @@ ebgp-multihop 255 remote-as 206639 } + neighbor 2a0e:46c4:102::1 { + address-family { + ipv6-unicast { + prefix-list { + export as212756 + } + soft-reconfiguration { + inbound + } + } + } + description "PyramIX - RSv6 1" + ebgp-multihop 255 + remote-as 141702 + } + neighbor 2a0e:46c4:102::2 { + address-family { + ipv6-unicast { + prefix-list { + export as212756 + } + soft-reconfiguration { + inbound + } + } + } + description "PyramIX - RSv6 2" + ebgp-multihop 255 + remote-as 141702 + } + neighbor 2a0e:97c0:210::212:224:261 { + address-family { + ipv6-unicast { + prefix-list { + export as212756-cust + } + soft-reconfiguration { + inbound + } + } + } + description "Upstream - C1VHosting" + ebgp-multihop 255 + remote-as 212271 + } neighbor 2a01:20e:1001:115::1 { address-family { ipv6-unicast { @@ -199,7 +312,7 @@ address-family { ipv6-unicast { prefix-list { - export as212756 + export as212756-cust } soft-reconfiguration { inbound @@ -222,7 +335,6 @@ } } description "4IXP - RSv6 1" - ebgp-multihop 255 remote-as 35708 } neighbor 2001:7f8:d0:b901::7d02 { @@ -237,7 +349,6 @@ } } description "4IXP - RSv6 2" - ebgp-multihop 255 remote-as 35708 } neighbor 2001:7f8:d0:b901::7d03 { @@ -252,39 +363,8 @@ } } description "4IXP - RSv6 3" - ebgp-multihop 255 remote-as 35708 } - neighbor 2001:678:4fc::2 { - address-family { - ipv6-unicast { - prefix-list { - export as212756 - } - soft-reconfiguration { - inbound - } - } - } - description "LL-IX - RSv6 2" - ebgp-multihop 255 - remote-as 59947 - } - neighbor 2001:678:4fc::9 { - address-family { - ipv6-unicast { - prefix-list { - export as212756 - } - soft-reconfiguration { - inbound - } - } - } - description "LL-IX - RSv6 1" - ebgp-multihop 255 - remote-as 59947 - } neighbor 2602:feda:3:4f::1 { address-family { ipv6-unicast { @@ -301,12 +381,6 @@ remote-as 46997 } } - rpki { - cache 2a00:5884::8 { - port 323 - preference 1 - } - } static { route 0.0.0.0/0 { next-hop 5.196.146.254 { @@ -337,13 +411,13 @@ login { user maximehl { authentication { - encrypted-password EncryptedPassword + encrypted-password Password } full-name "Maxime Hillebrand-Lambert" } user valentinp { authentication { - encrypted-password EncryptedPassword + encrypted-password Password } full-name "Valentin Puccetti" }