c08be5b57b
fix the example neighbor configurations
noticed by Alex Holst
OK henning@
7 years ago
a92396dccb
Add manpage update for new grouping feature '{from,to} {i,e}bgp'
OK phessler@
7 years ago
e439920063
Add GRACEFUL_SHUTDOWN example to bgpd.conf
OK phessler@
7 years ago
caa98a6441
Add operators =, !=, - (range), >< (exclsive range) to the as-path
filters (AS, peer-as, source-as, transit-as).
Add a use case (block illegal AS numbers) to the bgpd.conf example.
feedback from claudio, sthen, florian,
ok florian@ phessler@
8 years ago
6bcbe80df2
the parser doesn't accept "inet" here; pointed out by Denis Fondras on misc
9 years ago
7c2e84f5c2
When ARIN prepared for the IPv4-pocolypse, they put aside a /10 for
**smaller than /24 allocations**. Our default ruleset will not allow
those, even though they will be for various pieces of critical dual-stack
infrastructure to help IPv6-only systems survive.
This adds a default rule to allow those blocks. With it, I see the
RIPE announced test blocks on our AMS-IX peers.
ARIN announced this block and policy at, enjoy
https://www.arin.net/announcements/2014/20140130.html
OK benno@, claudio@, sthen@, florian@
9 years ago
6fd28ba697
my pleasure to move bgpd.conf to examples. ok theo
10 years ago
df4f9adb13
Show the exemplary rules for accepting default routes for IPv6 as well.
ok sthen florian
11 years ago
938c939dfe
Filter the IPv6 Discard-Only Prefix because it should not be globally
routable. See RFC6666. Diff by Gleydson Soares.
11 years ago
c65c6496e7
move bgplg and slowcgi sockets to /var/www/run
input reyk@, guenther@
"move fast" deraadt@
OK naddy@
12 years ago
301764d7a3
Add a brief comment describing each bogus v4 network that is filtered by
default, similar to the v6 entries.
While here, add a filter for 100.64.0.0/10, which is now reserved by RFC 6598
OK henning@, sthen@
13 years ago
7ac30f3c8a
Add 2001:2::/48 (prefix used for benchmarking) to the list of
non-routeable prefixes. While there sort list.
Diff provided by Andre Keller.
14 years ago
48f09b7f57
Update example filterset to include a basic IPv6 filterset.
While there extend the current IPv4 filterset.
OK sthen@, henning@
14 years ago
c8795cfca1
add a sample for "socket ... restricted", prompted by mail from
Patrick Lamaiziere, ok henning@
14 years ago
2e03005398
The deny all and allow from any inet prefixlen 8 - 24 will block the default
route already so don't add an additional rule for that. Instead add a commented
allow rule. Idea from Mitja Muzenic (mitja at muzenic dot net)
15 years ago
fa0f3150b2
Update config because of the new way prefixlen works. The prefixlen 8 - 24
rule needs an explicit "inet" to match on IPv4 addresses only. OK henning@
18 years ago
bd051447a7
comment out the listen on statements, we don't want any by default,
and some minor tweaks
20 years ago
c0a72d2560
add an example neighbor with manual keyed IPsec
21 years ago
865353fbf2
king bula likes more sample fluff
21 years ago
73e3c491cd
provide some filter examples; PR3764
21 years ago
cc7a6f44ee
king bula sez: you shall have fluffy sample configs
21 years ago
3000687cd0
cope with recent changes and add examples for the new keywords
21 years ago
47259f6ca5
add sample bgpd.conf, not yet connected
requested by theo
21 years ago
phessler