Don't break *default* default route

the one without conditions in ip rule...
author: uvok cheetah 2024-06-24 19:12:32 +0200
committer: uvok cheetah 2024-06-24 19:12:32 +0200
commit: 7d69b4221866498a841dc16a796d844d4f818206 (patch)
tree: 3ae3cc9ff67e32db9c5fbd704485c1ec7ac15fbe /roles/uvok_bird
parent: 902aa734d6cfdee49a443d6adbb67cb0480d6dd2 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/roles/uvok_bird/templates/clearnet.conf.j2 b/roles/uvok_bird/templates/clearnet.conf.j2
index ac7af56..ff6674b 100644
--- a/roles/uvok_bird/templates/clearnet.conf.j2
+++ b/roles/uvok_bird/templates/clearnet.conf.j2
@@ -134,6 +134,7 @@ protocol pipe {
     };
 }
 
+# BGP *internal* table
 protocol kernel p_myas_i {
 #    scan time 20;
     kernel table 150;
@@ -146,6 +147,10 @@ protocol kernel p_myas_i {
                 print "SHOULD NOT HAPPEN: export babel to kernel: ", net, " from", source;
                 reject;
             }
+            # DO NOT PUT DEFAULT ROUTE INTO TABLE 150!!
+            # This will completely replace *the default route for non-my-AS-traffic* !!!
+            # will be copied into "BGP table" anyway.
+            if is_default_route() then reject;
             krt_prefsrc = CLEARNET_PREFIP;
             accept;
         };
author	uvok cheetah	2024-06-24 19:12:32 +0200
committer	uvok cheetah	2024-06-24 19:12:32 +0200
commit	7d69b4221866498a841dc16a796d844d4f818206 (patch)
tree	3ae3cc9ff67e32db9c5fbd704485c1ec7ac15fbe /roles/uvok_bird
parent	902aa734d6cfdee49a443d6adbb67cb0480d6dd2 (diff)