wiki.ohea.xyz/wiki
11
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

small typos

Browse Source
This commit is contained in:
Fisher Darling
2022-10-30 17:32:35 +01:00
parent f458cbc8b2
commit 57300cef9a
1 changed files with 19 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
projects/alamesh/setting_up_bird.md
+19 -13
View File
@@ -1,16 +1,16 @@
# Setting up BIRD
BIRD, or the "BIRD Internet Routing Daemon", is a daemon that turns a dump linux box into a fully fledged router that
BIRD, or the "BIRD Internet Routing Daemon", is a daemon that turns a dumb linux box into a fully fledged router that
can support many different routing protocols. It speaks those protocols with other routers and builds a dynamic routing
table that is then sent to the kernel (which does the actual packet forwarding).
This doc tracks my learnings from install and using bird on a cheap, $4/month DO droplet.
This doc tracks my learnings from installing and setting up bird on a cheap, $4/month DO droplet. Actually using it
with another router will come in an edit or separate post.
# My Network
I'm not trying to to any sort of dynamic routing yet, but here's what I have working right now. My current network is
the entire `0200::/7` address space (all addresses prefixed with `0x2` and `0x00`).
the entire `0200::/7` address space (all addresses prefixed with `0x02` and `0x0[01]`).
```
┌──────────┐ wg tunnel
@@ -52,7 +52,7 @@ I moved my bin to `/usr/local/bin/bird` after having some weird env issues.
~~Now we need to create a user with `CAP_NET_*` privileges that bird can run as~~. We actually don't need to do that
immediately. We can use `-u` to drop to a user like `nobody` and bird will only give itself the privileges that it
needs.
needs. We may want a specific bird user in the future.
# Configuration
@@ -62,7 +62,7 @@ chosen to use a local config file under `~/.bird/bird.conf`. You can give bird t
dn42 has a [great guide](https://dn42.eu/howto/Bird) on using bird (with peers!). I'm going to copy the configuration
structure from that page here and attempt to add more commentary.
The guide requires a few pieces of information (what we'll need to decide on):
The guide requires a few pieces of information that we'll need to discuss:
* `<AS>`: your [Autonomous System Number](https://en.wikipedia.org/wiki/Autonomous_system_(Internet))
* `<GATEWAY_IP>`: your gateway ip, the internal `0200::/7` address that the router will run on.
@@ -73,9 +73,8 @@ The guide requires a few pieces of information (what we'll need to decide on):
> Most of this information should be located in (and authenticated through) a git repo. If we do it with git, then
> updating bird should simply be a `git pull` and then running a cli tool to generate the config and reload bird. We need
> to find a balance between magic and understanding of what's happening. Maybe a tool that can describe what's going on
> at any level of detail would be enough?
> to find a balance between magic and understanding of what's happening. Maybe a tool that automates it but describes
> what's going on is enough?
Now for the actual configuration. We're going to be using IPv6 only. If we did v4 we would need a separate set of rules
files, subnets, ips, etc.
@@ -83,6 +82,9 @@ files, subnets, ips, etc.
The first file is the root `bird.conf`. This is what we point bird to when starting the daemon. I will try to comment
every line and block with my understanding of what it means.
The bird conf file format is a structured tree of blocks with some simple syntax. A `protocol` is the base unit of work
in bird. Protocols describe how to interact with the kernel, BGP, static route, etc.
## bird.conf
```
@@ -105,7 +107,7 @@ include "/etc/bird/local6.conf
#
# Again, not really a protocol but ¯\_(ツ)_/¯
# Comment from dn42.
# Comment from dn42's guide:
/*
krt_prefsrc defines the source address for outgoing connections.
On Linux, this causes the "src" attribute of a route to be set.
@@ -221,8 +223,10 @@ define OWNIP = <GATEWAY_IP>;
# Now for some helper functions (filters) that we use in the config above:
# Returns if the `net` special variable (what the route is actually talking about, could be prefix),
# is in our own subnet. The `+` after the subnet is shorthand for "every possible address in this subnet".
# Returns if the `net` special variable (what the route is actually
# talking about, could be prefix. generally some kind of address),
# is in our own subnet. The `+` after the subnet is shorthand for
# "every possible address in this subnet".
#
# `a ~ b` means "a is in b".
function is_self_net() {
@@ -264,4 +268,6 @@ when we get there (large outage lol).
Now I need to actually test this with another router. I'll most likely setup another VPS or ask someone else to spin
something up.
I need to determine a fake AS number, subnets, etc.
I need to determine a fake AS number, subnets, etc, and then I'll report back if it works or not. To test the bird
configuration, I plan to connect lykos to a different router running on a different subnet, and then ssh into hyperion
from lykos. The routes should "just work" (right lol).