summaryrefslogtreecommitdiff
path: root/roles
diff options
context:
space:
mode:
authoruvok cheetah2024-06-24 19:12:32 +0200
committeruvok cheetah2024-06-24 19:12:32 +0200
commit7d69b4221866498a841dc16a796d844d4f818206 (patch)
tree3ae3cc9ff67e32db9c5fbd704485c1ec7ac15fbe /roles
parent902aa734d6cfdee49a443d6adbb67cb0480d6dd2 (diff)
Don't break *default* default route
the one without conditions in ip rule...
Diffstat (limited to 'roles')
-rw-r--r--roles/uvok_bird/templates/clearnet.conf.j25
1 files changed, 5 insertions, 0 deletions
diff --git a/roles/uvok_bird/templates/clearnet.conf.j2 b/roles/uvok_bird/templates/clearnet.conf.j2
index ac7af56..ff6674b 100644
--- a/roles/uvok_bird/templates/clearnet.conf.j2
+++ b/roles/uvok_bird/templates/clearnet.conf.j2
@@ -134,6 +134,7 @@ protocol pipe {
};
}
+# BGP *internal* table
protocol kernel p_myas_i {
# scan time 20;
kernel table 150;
@@ -146,6 +147,10 @@ protocol kernel p_myas_i {
print "SHOULD NOT HAPPEN: export babel to kernel: ", net, " from", source;
reject;
}
+ # DO NOT PUT DEFAULT ROUTE INTO TABLE 150!!
+ # This will completely replace *the default route for non-my-AS-traffic* !!!
+ # will be copied into "BGP table" anyway.
+ if is_default_route() then reject;
krt_prefsrc = CLEARNET_PREFIP;
accept;
};