Dynamic reconfigurations of bird - how?

Ondrej Zajicek santiago at crfreenet.org
Thu Jul 14 16:44:07 CEST 2022


On Sat, Jul 09, 2022 at 10:44:26AM +0200, Nico Schottelius wrote:
> 
> Good morning fellow bird users,
> 
> I was wondering how you handle "dynamic reconfigurations" such as
> rerouting, adding filters, changing the priority of routes in case of
> attacks?
> 
> In particular I wonder if there is a "good way" to tell bird to lower or
> raise a certain route temporarily, i.e. something that would be reset on
> a reload? Or to tell bird to forget about specific routes that you want
> to filter for blackholing certain parts?
> 
> So far in case of attacks we usually edit bird.conf, reload
> bird and after the attacks are done, purge/overwrite the config with our
> config management (cdist in our case).
> 
> This works, but has a bit of a write-reload instead of a set-and-forget
> behaviour, and I was more looking to something like "set on a switch,
> but don't issue the write command"-mode.
> 
> Any thoughts on this?

Hello

Two ideas:

1) Use separate copy of a config file, and then use it as an argument:

  configure "bird-temp.conf"

So your basic configuration stays unchanged.


2) Use some additional kernel routing table for these dynamic routes
and import them to BIRD using kernel protocol with 'learn' option.
Then add/remove these routes using 'ip' system tool.


BTW, your e-mail has date 2022-07-09. but all headers have today date
(2022-07-14).

-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."


More information about the Bird-users mailing list