Switch to announcing routes from downstream routers to mika

lakewood.united-states/bird.conf

@@ -2,87 +2,7 @@ log stderr all;
 debug protocols { states, routes, filters, interfaces };
 router id 252.222.50.251;
 
-define DN42_OWN_AS = 4242420475;
-define DN42_EXPORTABLE_NETSET = [
-	fd51:9b17:dc40::/48
-];
-define DN42_OWN_REGION = 1;
-define DN42_OWN_COUNTRY = 276;
-define DN42_OWN_BANDWIDTH = 3;
-
-ipv6 table dn42;
-roa6 table dn42_roa;
-
-include "/etc/bird/dn42-filter.conf";
-
 protocol device { scan time 10; }
 
-protocol direct {
-	vrf "vrf-dn42";
-	check link yes;
-	ipv6 { table dn42; };
-}
-
-protocol static {
-	# Sink routes of owned prefixes
-	route fd51:9b17:dc40::/48 unreachable;
-	ipv6 { table dn42; };
-}
-
-protocol kernel {
-	vrf "vrf-dn42";
-	kernel table 20;
-	scan time 20;
-	learn;
-	merge paths 64;
-
-	ipv6 {
-		table dn42;
-		import filter {
-			if !dn42_is_valid_network() then reject; # Only import valid networks
-			if source != RTS_STATIC then reject; # Don't import non-static routes
-			accept;
-		};
-		export filter {
-			if source = RTS_STATIC then reject; # Don't export my routes back to kernel
-			# krt_prefsrc = DN42_OWN_IP; # Pick my own IP as default/source for these routes
-			accept;
-		};
-	};
-}
-
-protocol rpki roa_dn42 {
-	roa6 { table dn42_roa; };
-	remote ::1;
-	port 8082;
-	refresh 60;
-	retry 30;
-	expire 7200;
-}
-
-template bgp dn42peer {
-	vrf "vrf-dn42";
-	local as DN42_OWN_AS;
-	path metric 1;
-
-	ipv6 {
-		table dn42;
-	};
-}
-
-protocol babel vlan42 {
-	vrf "vrf-dn42";
-
-	interface "br-dn42" {
-		type wired;
-		check link 1;
-	};
-
-	ipv6 {
-		table dn42;
-		import all;
-		export all;
-	};
-}
-
-include "/etc/bird/peers/*";
+include "/etc/bird/v6gw/bird.conf";
+include "/etc/bird/dn42/bird.conf";

lakewood.united-states/dn42/bird.conf

@@ -0,0 +1,82 @@
+define DN42_OWN_AS = 4242420475;
+define DN42_EXPORTABLE_NETSET = [
+	fd51:9b17:dc40::/48
+];
+define DN42_OWN_REGION = 1;
+define DN42_OWN_COUNTRY = 276;
+define DN42_OWN_BANDWIDTH = 3;
+
+ipv6 table dn42;
+roa6 table dn42_roa;
+
+include "/etc/bird/dn42/dn42-filter.conf";
+
+protocol direct dn42_direct {
+	vrf "vrf-dn42";
+	check link yes;
+	ipv6 { table dn42; };
+}
+
+protocol static dn42_static {
+	# Sink routes of owned prefixes
+	route fd51:9b17:dc40::/48 unreachable;
+	ipv6 { table dn42; };
+}
+
+protocol kernel dn42_kernel {
+	vrf "vrf-dn42";
+	kernel table 20;
+	scan time 20;
+	learn;
+	merge paths 64;
+
+	ipv6 {
+		table dn42;
+		import filter {
+			if !dn42_is_valid_network() then reject; # Only import valid networks
+			if source != RTS_STATIC then reject; # Don't import non-static routes
+			accept;
+		};
+		export filter {
+			if source = RTS_STATIC then reject; # Don't export my routes back to kernel
+			# krt_prefsrc = DN42_OWN_IP; # Pick my own IP as default/source for these routes
+			accept;
+		};
+	};
+}
+
+protocol rpki roa_dn42 {
+	roa6 { table dn42_roa; };
+	remote ::1;
+	port 8082;
+	refresh 60;
+	retry 30;
+	expire 7200;
+}
+
+template bgp dn42peer {
+	vrf "vrf-dn42";
+	local as DN42_OWN_AS;
+	path metric 1;
+
+	ipv6 {
+		table dn42;
+	};
+}
+
+protocol babel vlan42 {
+	vrf "vrf-dn42";
+
+	interface "br-dn42" {
+		type wired;
+		check link 1;
+	};
+
+	ipv6 {
+		table dn42;
+		import all;
+		export all;
+	};
+}
+
+include "/etc/bird/dn42/peers/*";

lakewood.united-states/v6gw/bird.conf

@@ -0,0 +1,48 @@
+define V6GW_EXPORTABLE_NETSET = [
+	2a04:5b81:2060:b00b::/64,
+	2a04:5b81:2060:d00d::/64,
+	2a04:5b81:2060:f33d::/64
+];
+
+define V6GW_OWN_AS = 4200000001;
+function v6gw_is_selfnet() {
+	return net ~ V6GW_EXPORTABLE_NETSET;
+}
+
+ipv6 table v6gw;
+
+protocol direct v6gw_direct {
+	vrf "vrf-v6";
+	check link yes;
+	ipv6 { table v6gw; };
+}
+
+protocol kernel v6gw_kernel {
+	vrf "vrf-v6";
+	kernel table 10;
+	scan time 20;
+	learn;
+	merge paths 64;
+
+	ipv6 {
+		table v6gw;
+		import filter {
+			if !v6gw_is_selfnet() then reject; # Only import valid networks
+			if source != RTS_STATIC then reject; # Don't import non-static routes
+			accept;
+		};
+		export none;
+	};
+}
+
+template bgp v6gwpeer {
+	vrf "vrf-v6";
+	local as V6GW_OWN_AS;
+	path metric 1;
+
+	ipv6 {
+		table v6gw;
+	};
+}
+
+include "/etc/bird/v6gw/peers/*";

lakewood.united-states/v6gw/peers/mika.frankfurt.conf

@@ -0,0 +1,11 @@
+protocol bgp mika_frankfurt from v6gwpeer {
+	neighbor fe80::1 as 4200000000;
+	interface "vultrbgp";
+	ipv6 {
+		import none;
+		export filter {
+			if !v6gw_is_selfnet() then reject;
+			accept;
+		};
+	};
+}

mika.frankfurt.vultr/bird.conf

@@ -3,71 +3,12 @@ timeformat protocol iso long;
 debug protocols { states, routes, filters, interfaces };
 router id 45.77.54.132;
 
-define OWN_AS = 4288000569;
-define EXPORTABLE_NETSET = [
-	2a04:5b81:2010::/44{44,48},
-	#2a04:5b81:2010::/48,
-	2a04:5b81:2060::/44{44,48}
-];
 define VRF = "vrf-wgate";
 define VRF_RTID = 20;
 
 ipv6 table main;
 
-include "/etc/bird/filter.conf";
-
 protocol device { scan time 10; }
 
-protocol direct {
-	vrf VRF;
-	check link yes;
-	ipv6 {
-		table main;
-		import filter {
-			if is_self_net() then accept; # Import own routed networks
-			reject;
-		};
-	};
-}
-
-protocol static {
-	ipv6 { table main; };
-}
-
-protocol kernel {
-	vrf VRF;
-	kernel table VRF_RTID;
-	scan time 20;
-	learn;
-	merge paths 64; # ECMP
-
-	ipv6 {
-		table main;
-		import filter {
-			if is_self_net() then accept; # Import own routed networks
-			if source != RTS_STATIC then reject; # Don't import non-static routes
-			accept;
-		};
-		export filter {
-			if source = RTS_STATIC then reject; # Don't export my routes back to kernel
-			# krt_prefsrc = OWN_IP; # Pick my own IP as default/source for these routes
-			accept;
-		};
-	};
-}
-
-template bgp peer_main {
-	vrf VRF;
-	local as OWN_AS;
-	path metric 1;
-	enable extended messages yes;
-	connect delay time 1;
-	connect retry time 20;
-	error wait time 10, 300;
-
-	ipv6 {
-		table main;
-	};
-}
-
-include "/etc/bird/peers/*";
+include "/etc/bird/vultr/bird.conf";
+include "/etc/bird/downstream/bird.conf";

mika.frankfurt.vultr/downstream/bird.conf

@@ -0,0 +1,21 @@
+define DOWNSTREAM_OWN_AS = 4200000000;
+define DOWNSTREAM_IMPORTABLE_ROUTES = [
+	2a04:5b81:2010::/44{44,64},
+	2a04:5b81:2060::/44{44,64}
+];
+
+template bgp downstream_peer {
+	vrf VRF;
+	local as DOWNSTREAM_OWN_AS;
+	path metric 1;
+	enable extended messages yes;
+	connect delay time 1;
+	connect retry time 20;
+	error wait time 10, 300;
+
+	ipv6 {
+		table main;
+	};
+}
+
+include "/etc/bird/downstream/peers/*";

mika.frankfurt.vultr/downstream/peers/lakewood.conf

@@ -0,0 +1,9 @@
+protocol bgp lakewood from downstream_peer {
+	local as DOWNSTREAM_OWN_AS;
+	neighbor fe80::2 as 4200000001;
+	interface "caskd-lakewood";
+	ipv6 {
+		import all;
+		export none;
+	};
+}

mika.frankfurt.vultr/vultr/bird.conf

@@ -0,0 +1,60 @@
+define OWN_AS = 4288000569;
+define EXPORTABLE_NETSET = [
+	2a04:5b81:2010::/44{44,48},
+	2a04:5b81:2060::/44{44,48}
+];
+include "/etc/bird/vultr/filter.conf";
+
+protocol direct {
+	vrf VRF;
+	check link yes;
+	ipv6 {
+		table main;
+		import filter {
+			if is_self_net() then accept; # Import own routed networks
+			reject;
+		};
+	};
+}
+
+protocol static {
+	ipv6 { table main; };
+}
+
+protocol kernel {
+	vrf VRF;
+	kernel table VRF_RTID;
+	scan time 20;
+	learn;
+	merge paths 64; # ECMP
+
+	ipv6 {
+		table main;
+		import filter {
+			if is_self_net() then accept; # Import own routed networks
+			if source != RTS_STATIC then reject; # Don't import non-static routes
+			accept;
+		};
+		export filter {
+			if source = RTS_STATIC then reject; # Don't export my routes back to kernel
+			# krt_prefsrc = OWN_IP; # Pick my own IP as default/source for these routes
+			accept;
+		};
+	};
+}
+
+template bgp peer_main {
+	vrf VRF;
+	local as OWN_AS;
+	path metric 1;
+	enable extended messages yes;
+	connect delay time 1;
+	connect retry time 20;
+	error wait time 10, 300;
+
+	ipv6 {
+		table main;
+	};
+}
+
+include "/etc/bird/vultr/peers/*";

mika.frankfurt.vultr/vultr/filter.conf

@@ -13,7 +13,7 @@ function import_filter() {
 }
 
 function export_filter() {
-	if !is_self_net() && source != RTS_BGP then reject; # Don't export anything but stuff learned from other peers or my own subnets
+	if !is_self_net() then reject; # Don't export anything but my own subnets
 
 	accept;
 }