Can't seem to establish BGP connection with peer using bird v1 on DN42 network


I'm trying to learn more about BGP routing, so I'm diving into DN42. I'm using Kioubit as a peer and have set up a WireGuard tunnel successfully, but I can't seem to get BIRD (v1) to establish the BGP session. When I run show protocols inside birdc, the status seems to be stuck at:

kioubit  BGP      master   start  00:34:13    Connect

and has not changed. I also can't seem to access any resources on the dn42 network. I followed the WireGuard and BIRD v1 guides on dn42.net. Does anybody know why this is happening? BIRD config below: bird.conf:

# /etc/bird/bird.conf
# Device status
# Pseudo-protocol that tracks the host's network interfaces; it carries no routes itself.
protocol device {
  scan time 10; # recheck every 10 seconds
}

# Originates this router's own dn42 prefix so the BGP export filter has something to announce.
protocol static {
  # Static routes to announce your own range(s) in dn42
  # "reject" makes this an unreachable route: traffic for unused addresses in the
  # range is answered locally instead of following a less specific route back out.
  route 172.20.62.192/26 reject;
  # take the static route into BIRD's table; nothing is sent back into this protocol
  import all;
  export none;
};

# local configuration
######################

# keeping router-specific settings in a separate file,
# so this configuration can be reused on multiple routers in your network
include "/etc/bird/local4.conf";

# filter helpers
#################

##include "/etc/bird/filter4.conf";

# Kernel routing tables
########################

/*
    krt_prefsrc defines the source address for outgoing connections.
    On Linux, this causes the "src" attribute of a route to be set.

    Without this option outgoing connections would use the peering IP which
    would cause packet loss if some peering disconnects but the interface
    is still available. (The route would still exist and thus route through
    the TUN/TAP interface but the VPN daemon would simply drop the packet.)
*/
# Syncs BIRD's routing table into the kernel; nothing is learned from the kernel.
protocol kernel {
  scan time 20;
  import none;
  export filter {
    # the static reject route for our own range is for announcement only, keep it out of the kernel
    if source = RTS_STATIC then reject;
    # stamp every installed route with our dn42 address as preferred source
    krt_prefsrc = OWNIP;
    accept;
  };
};
# DN42
#######

# Shared settings for every dn42 BGP session; peer definitions inherit them with "from dnpeers".
template bgp dnpeers {
  local as OWNAS;
  # path metric enables AS-path length comparison when BIRD selects the best BGP route
  path metric 1;
  # this line allows debugging filter rules
  # filtered routes can be looked up in birdc using the "show route filtered" command
  import keep filtered;
  import filter {
    # accept every subnet, except our own advertised subnet
    # filtering is important, because some guys try to advertise routes like 0.0.0.0
    # NOTE(review): this checks prefix ranges only. No origin validation (ROA check) is
    # visible here, so a peer announcing someone else's in-range prefix would be accepted.
    if is_valid_network() && !is_self_net() then {
      accept;
    }
    reject;
  };
  export filter {
    # here we export the whole net
    # RTS_STATIC is our own range; RTS_BGP re-announces routes learned from other peers,
    # i.e. this router offers transit.
    if is_valid_network() && source ~ [RTS_STATIC, RTS_BGP] then {
      accept;
    }
    reject;
  };
  # cap on routes accepted from one peer; routes beyond the limit are ignored, which
  # bounds the damage of a peer leaking or flooding routes
  import limit 1000 action block;
  # NOTE(review): with this line commented out BIRD chooses the session's source address
  # itself. Presumably the peer only accepts the session from the address they
  # configured as their neighbor - confirm it matches.
  # NOTE(review): no "password" or "ttl security" option is set, so the session appears
  # to rely on the WireGuard tunnel alone for peer authentication - confirm that is intended.
  #source address OWNIP;
};

include "/etc/bird/peers4/*";

local4.conf:

#/etc/bird/local4.conf
# should be a unique identifier, <GATEWAY_IP> is what most people use.
router id 172.20.62.193;

# our AS number, referenced by "local as OWNAS" in the dnpeers template
define OWNAS =  4242420547;
# our dn42 IPv4 address, used as krt_prefsrc in the kernel export filter
define OWNIP = 172.20.62.193;

# True when the route's prefix is our own /26 or any more specific prefix inside it ("+").
# The import filter uses it to refuse our own range when a peer announces it back to us.
function is_self_net() {
  return net ~ [172.20.62.192/26+];
}

# Allow-list of prefixes that may be imported or exported. "{a,b}" restricts the prefix
# length to a..b inside the given network; "+" matches the network and everything more specific.
# Anything not listed (including a default route) fails this check.
# NOTE(review): the 10.0.0.0/8 entries are broad. If this host's own LAN uses 10.x
# addresses, a peer could announce a route covering it; consider rejecting local
# ranges before this check.
function is_valid_network() {
  return net ~ [
    172.20.0.0/14{21,29}, # dn42
    172.20.0.0/24{28,32}, # dn42 Anycast
    172.21.0.0/24{28,32}, # dn42 Anycast
    172.22.0.0/24{28,32}, # dn42 Anycast
    172.23.0.0/24{28,32}, # dn42 Anycast
    172.31.0.0/16+,       # ChaosVPN
    10.100.0.0/14+,       # ChaosVPN
    10.127.0.0/16{16,32}, # neonetwork
    10.0.0.0/8{15,24}     # Freifunk.net
  ];
}

local6.conf:

# /etc/bird/local6.conf
# should be a unique identifier, use same id as for ipv4
router id 172.20.62.193;

# our AS number, referenced by "local as OWNAS" in the dnpeers template
define OWNAS =  4242420547;
# NOTE(review): this is an IPv4 address in the IPv6 daemon's config. bird6.conf assigns
# OWNIP to krt_prefsrc, which presumably needs an IPv6 address from our own
# fdf6:cc1:6f4::/48 range here - confirm and replace.
define OWNIP = 172.20.62.193;

# True when the route's prefix is our own /48 or any more specific prefix inside it ("+").
# The import filter uses it to refuse our own range when a peer announces it back to us.
function is_self_net() {
  return net ~ [fdf6:cc1:6f4::/48+];
}

# Allow-list for IPv6: only ULA prefixes with a length of /44 to /64 pass.
# Anything else (including a default route) fails this check.
function is_valid_network() {
  return net ~ [
    fd00::/8{44,64} # ULA address space as per RFC 4193
  ];
}

bird6.conf:

#/etc/bird/bird6.conf
# Pseudo-protocol that tracks the host's network interfaces; it carries no routes itself.
protocol device {
  scan time 10; # rescan interfaces every 10 seconds
}

# local configuration
######################

include "/etc/bird/local6.conf";

# filter helpers
#################

##include "/etc/bird/filter6.conf";

# Kernel routing tables
########################


/*
    krt_prefsrc defines the source address for outgoing connections.
    On Linux, this causes the "src" attribute of a route to be set.

    Without this option outgoing connections would use the peering IP which
    would cause packet loss if some peering disconnects but the interface
    is still available. (The route would still exist and thus route through
    the TUN/TAP interface but the VPN daemon would simply drop the packet.)
*/
# Syncs BIRD's IPv6 routing table into the kernel; nothing is learned from the kernel.
protocol kernel {
  scan time 20;
  import none;
  export filter {
    # the static reject route for our own range is for announcement only, keep it out of the kernel
    if source = RTS_STATIC then reject;
    # NOTE(review): local6.conf defines OWNIP as 172.20.62.193, an IPv4 address.
    # A preferred source for IPv6 routes presumably has to be an IPv6 address - confirm.
    krt_prefsrc = OWNIP;
    accept;
  };
}

# static routes
################

# Originates this router's own IPv6 prefix so the BGP export filter has something to announce.
protocol static {
  # unreachable route for the whole /48; unused addresses are answered locally
  route fdf6:cc1:6f4::/48 reject;
  # take the static route into BIRD's table; nothing is sent back into this protocol
  import all;
  export none;
}

# Shared settings for every IPv6 dn42 BGP session; peer definitions inherit them with "from dnpeers".
template bgp dnpeers {
  local as OWNAS;
  # path metric enables AS-path length comparison when BIRD selects the best BGP route
  path metric 1;
  # keep rejected routes in memory so they can be inspected with "show route filtered"
  import keep filtered;
  import filter {
    # accept in-range prefixes except our own.
    # NOTE(review): prefix ranges only; no origin validation (ROA check) is visible here,
    # so a peer announcing someone else's in-range prefix would be accepted.
    if is_valid_network() && !is_self_net() then {
      accept;
    }
    reject;
  };
  export filter {
    # RTS_STATIC is our own range; RTS_BGP re-announces routes learned from other peers (transit)
    if is_valid_network() && source ~ [RTS_STATIC, RTS_BGP] then {
      accept;
    }
    reject;
  };
  # cap on routes accepted from one peer; routes beyond the limit are ignored
  # NOTE(review): no "password" or "ttl security" option is set, so the session appears
  # to rely on the WireGuard tunnel alone for peer authentication - confirm that is intended.
  import limit 1000 action block;
}

include "/etc/bird/peers6/*";

local6.conf:

# /etc/bird/local6.conf
# should be a unique identifier, use same id as for ipv4
router id 172.20.62.193;

# our AS number, referenced by "local as OWNAS" in the dnpeers template
define OWNAS =  4242420547;
# NOTE(review): this is an IPv4 address in the IPv6 daemon's config. bird6.conf assigns
# OWNIP to krt_prefsrc, which presumably needs an IPv6 address from our own
# fdf6:cc1:6f4::/48 range here - confirm and replace.
define OWNIP = 172.20.62.193;

# True when the route's prefix is our own /48 or any more specific prefix inside it ("+").
function is_self_net() {
  return net ~ [fdf6:cc1:6f4::/48+];
}

# Allow-list for IPv6: only ULA prefixes with a length of /44 to /64 pass.
function is_valid_network() {
  return net ~ [
    fd00::/8{44,64} # ULA address space as per RFC 4193
  ];
}

local4.conf:

#/etc/bird/local4.conf
# should be a unique identifier, <GATEWAY_IP> is what most people use.
router id 172.20.62.193;

# our AS number, referenced by "local as OWNAS" in the dnpeers template
define OWNAS =  4242420547;
# our dn42 IPv4 address, used as krt_prefsrc in the kernel export filter
define OWNIP = 172.20.62.193;

# True when the route's prefix is our own /26 or any more specific prefix inside it ("+").
function is_self_net() {
  return net ~ [172.20.62.192/26+];
}

# Allow-list of prefixes that may be imported or exported. "{a,b}" restricts the prefix
# length to a..b inside the given network; "+" matches the network and everything more specific.
# NOTE(review): the 10.0.0.0/8 entries are broad. If this host's own LAN uses 10.x
# addresses, a peer could announce a route covering it; consider rejecting local
# ranges before this check.
function is_valid_network() {
  return net ~ [
    172.20.0.0/14{21,29}, # dn42
    172.20.0.0/24{28,32}, # dn42 Anycast
    172.21.0.0/24{28,32}, # dn42 Anycast
    172.22.0.0/24{28,32}, # dn42 Anycast
    172.23.0.0/24{28,32}, # dn42 Anycast
    172.31.0.0/16+,       # ChaosVPN
    10.100.0.0/14+,       # ChaosVPN
    10.127.0.0/16{16,32}, # neonetwork
    10.0.0.0/8{15,24}     # Freifunk.net
  ];
}

peers6/kioubit:

# IPv6 session to Kioubit (AS4242423914), inheriting filters and limits from dnpeers.
protocol bgp kioubit from dnpeers {
  # if you use link-local ipv6 addresses for peering, use the following form
  # NOTE(review): fdfc:e23f:fb45:3234::9 is a ULA (fd00::/8), not a link-local fe80::
  # address, while the "% 'wg4'" interface scope is the form meant for link-local
  # neighbors. Confirm with the peer which address they actually listen on, and that
  # 'wg4' is the WireGuard interface carrying this tunnel.
  neighbor fdfc:e23f:fb45:3234::9 % 'wg4' as 4242423914;
};

peers4/kioubit

# IPv4 session to Kioubit (AS4242423914), inheriting filters and limits from dnpeers.
protocol bgp kioubit from dnpeers {
  # NOTE(review): a session sitting in "Connect" generally means the TCP connection to
  # this address on port 179 never completes. Things to confirm: this is the tunnel
  # address agreed with the peer, it is reachable over the WireGuard interface
  # (AllowedIPs and interface addressing), and no local firewall rule drops TCP/179
  # on that interface.
  neighbor 172.20.53.103 as 4242423914;
};