Routing incoming traffic based on BGP routes

Jeremy Malcolm Jeremy at Malcolm.wattle.id.au
Sat Jun 23 16:55:41 CEST 2001 

I am trying to use bird to differentiate between peering traffic (which
has a certain AS in its BGP path) and non-peering traffic.  I want to
use a different gateway for (incoming and outgoing) peering traffic than
I use for non-peering traffic.  I can get it to work for outgoing
traffic but not incoming.  My filter changes the gateway for peering and
local outgoing traffic so that I can distinguish them from non-peering
outgoing traffic.  I am not sure how to do a similar thing for incoming
traffic.  How could I determine whether incoming traffic is coming from
an address within the peering AS or from outside?  Here is my bird.conf:

protocol direct {
        interface "-eth*", "*"; # So I can manually route incoming
}

protocol kernel {
...snip...

protocol device {
...snip...

filter waix {
if bgp_path ~ / ? 7606 ? / then
        {       # peering traffic
        gw = 203.25.143.3;
        accept;
        }
else
        {       # local traffic, including incoming and my upstream
        if bgp_path ~ / ? 7635 ? / then gw = 203.25.143.2; # This line
# is supposed to do the trick by checking for traffic to a local
# interface but which has my AS in it which must therefore be incoming
# traffic from an external source.  But it doesn't seem to work...?
        else gw = 203.25.143.3;
        accept;
        }
}

protocol static {
        route 203.25.143.0/24 via 203.25.143.254; # Local traffic
# to local interfaces should use this route, instead of the BGP one?
}

protocol bgp {
        local as 7635;
        neighbor 198.32.212.9 as 7635;
        multihop 20 via 203.25.143.254;
        disable after error;    # Drop back to static routing if errors
        source address 203.25.143.1;
        import filter waix;
}

I'm new at this so I'm not sure what other information is needed for
people to make suggestions, please let me know if I've left out anything
important.  Thanks in advance for any help.

--
Independent consulting solicitor* | _ .__ ._ _    |\/| _.| _ _ |._ _
and technology consultant.**    \_|(/_|(/_| | |\/ |  |(_||(_(_)|| | |
Personal site: http://malcolm.wattle.id.au     /   Finger for GPG key
* http://www.ilaw.com.au ** http://www.terminus.net.au jm at ilaw.com.au

More information about the Bird-users mailing list