Bird as BGP flow-spec announcement filter
Tim Weippert
weiti+bird-users at weiti.org
Sat Jan 8 20:06:49 CET 2022
Hi,
i tried with a 2.0.8 and it seems you can do something like:
show route table TF_AS203759_v4 filter { if net.dst ~ [ 192.168.0.0/16+] then accept; }
I only checked it within the CLI but asume, that the filter also works
as import/export filter for the flowspec peering. Another valid search
scope may be net.src for source filtering.
HTH,
tim
On Sat, Jan 08, 2022 at 12:44:53PM +0100, Blažej Krajňák wrote:
> Hello,
>
> is it possible to do BGP Flowspec announcement filtering with Bird?
> For ex. I want to provide capability to my customer to annouce to my
> network BGP Flowspec rules. However, I must check, if announced rule
> have dst from customers IP range. Bird should act as route reflector
> only.
>
> Thanks,
> Blažej
>
--
Tim Weippert
http://weiti.org - weiti at weiti.org
GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
More information about the Bird-users
mailing list