50 lines
No EOL
1.6 KiB
Text
50 lines
No EOL
1.6 KiB
Text
# default to using syslog. /etc/rsyslog.d/45-frr.conf places the log in
|
|
# /var/log/frr/frr.log
|
|
#
|
|
# Note:
|
|
# FRR's configuration shell, vtysh, dynamically edits the live, in-memory
|
|
# configuration while FRR is running. When instructed, vtysh will persist the
|
|
# live configuration to this file, overwriting its contents. If you want to
|
|
# avoid this, you can edit this file manually before starting FRR, or instruct
|
|
# vtysh to write configuration to a different file.
|
|
log syslog informational
|
|
|
|
router bgp 65000
|
|
bgp router-id 192.168.14.103
|
|
no bgp default ipv4-unicast
|
|
neighbor fabric peer-group
|
|
neighbor fabric remote-as 65000
|
|
neighbor fabric capability extended-nexthop
|
|
neighbor 192.168.14.100 peer-group fabric
|
|
!
|
|
address-family l2vpn evpn
|
|
neighbor fabric activate
|
|
advertise-all-vni
|
|
exit-address-family
|
|
!
|
|
neighbor 192.168.14.1 remote-as 65001
|
|
!
|
|
address-family ipv4 unicast
|
|
redistribute static
|
|
redistribute connected
|
|
route-map PUBLIC_ONLY out
|
|
route-map INPUT_DENY in
|
|
exit-address-family
|
|
!
|
|
!
|
|
|
|
ip prefix-list PUBLIC_ONLY seq 10 deny 192.168.15.0/24
|
|
ip prefix-list PUBLIC_ONLY seq 20 deny 10.0.0.0/8 le 32
|
|
ip prefix-list PUBLIC_ONLY seq 30 deny 172.16.0.0/12 le 32
|
|
ip prefix-list PUBLIC_ONLY seq 40 deny 192.168.0.0/16 le 32
|
|
ip prefix-list PUBLIC_ONLY seq 50 deny 127.0.0.0/8 le 32
|
|
ip prefix-list PUBLIC_ONLY seq 60 deny 169.254.0.0/16 le 32
|
|
ip prefix-list PUBLIC_ONLY seq 70 deny 100.64.0.0/10 le 32
|
|
ip prefix-list PUBLIC_ONLY seq 80 permit 0.0.0.0/0 le 32
|
|
|
|
route-map PUBLIC_ONLY permit 10
|
|
match ip address prefix-list PUBLIC_ONLY
|
|
!
|
|
|
|
route-map INPUT_DENY deny 10
|
|
! |