This is a small network, no external services will be provided.
You can find more information about our network on Hurricane Electric BGP Toolkit.
Peering #
Peering is open to anyone meeting following criteria:
- All peers must maintain a 24/7 contactable NOC
- We reserve the right to suspend peering for an indefinite period of time for any kind of abuse, DDoS, etc.
- Peers are encouraged to provide access to a Looking Glass to facilitate troubleshooting
- Peers should not point a gateway of last resort or default route directed towards our session
- The use of a mutually agreed BGP session password is encouraged but not required
- All announced routes must be covered by a valid ROA
Nix + Bird2 #
Since nixpkgs has
Bird2 options,
it's relatively simple to make a config that can be reused for multiple peers:
1{ ... }:
2
3{
4 services.bird2.config =
5 let
6 peer = [
7 {
8 name = "<Peer Name>";
9 asn = "<Peer ASN>";
10 ipv4 = "<Peer IPv4>";
11 ipv6 = "<Peer IPv6>";
12 multihop = "<Multihop>";
13 password = "<BGP Password>";
14 }
15 { ... }
16 ];
17 in
18 ''
19 ${lib.concatMapStringsSep "\n" (p: ''
20 protocol bgp ${p.name}4 {
21 // own ipv4, asn
22 graceful restart on;
23 multihop ${p.multihop};
24 neighbor ${p.ipv4}
25 as ${p.asn};
26 password "${p.password}";
27 ipv4 {
28 import filter {
29 // import filters
30 accept;
31 };
32 export filter {
33 // export filters
34 accept;
35 };
36 };
37 }
38 '') peer}
39
40 ${lib.concatMapStringsSep "\n" (p: ''
41 protocol bgp ${p.name}6 {
42 // own ipv6, asn
43 graceful restart on;
44 multihop ${p.multihop};
45 neighbor ${p.ipv6}
46 as ${p.asn};
47 password "${p.password}";
48 ipv6 {
49 import filter {
50 // import filters
51 accept;
52 };
53 export filter {
54 // export filters
55 accept;
56 };
57 };
58 }
59 '') peer}
60 '';
61}