- BIRD是什么
- Generated by confd
include “bird_aggr.cfg”;
include “bird_ipam.cfg”;
router id 10.192.0.2;
# Configure synchronization between routing tables and kernel.
protocol kernel {
learn; # Learn all alien routes from the kernel
persist; # Don’t remove routes on bird shutdown
scan time 2; # Scan kernel routing table every 2 seconds
import all;
export filter calico_kernel_programming; # Default is export none
graceful restart; # Turn on graceful restart to reduce potential flaps in
# routes when reloading BIRD configuration. With a full
# automatic mesh, there is no way to prevent BGP from
# flapping since multiple nodes update their BGP
# configuration at the same time, GR is not guaranteed to
# work correctly in this scenario.
}
# Watch interface up/down events.
protocol device {
debug { states };
scan time 2; # Scan interfaces every 2 seconds
}
protocol direct {
debug { states };
interface -“cali“, ““; # Exclude cali* but include everything else.
}
# Template for all BGP clients
template bgp bgp_template {
debug { states };
description “Connection to BGP peer”;
local as 64512;
multihop;
gateway recursive; # This should be the default, but just in case.
import all; # Import all routes, since we don’t know what the upstream
# topology is and therefore have to trust the ToR/RR.
export filter calico_export_to_bgp_peers; # Only want to export routes for workloads.
source address 10.192.0.2; # The local address we use for the TCP connection
add paths on;
graceful restart; # See comment in kernel section about graceful restart.
connect delay time 2;
connect retry time 5;
error wait time 5,30;
}
# ——————- Node-to-node mesh ——————-
# This node is configured as a route reflector with cluster ID 10.0.0.1;
# ignore node-to-node mesh setting.
# ——————- Global peers ——————-
# No global peers configured.
# ——————- Node-specific peers ——————-
# For peer /host/kube-master/peer_v4/172.19.4.87
protocol bgp Node_172_19_4_87 from bgp_template {
neighbor 172.19.4.87 as 64533;
}
github: https://github.com/projectcalico/bird
BIRD是什么
BIRD是布拉格查理大学数学与物理学院的一个学校项目,项目名是BIRD Internet Routing Daemon的缩写。 目前,它由CZ.NIC实验室开发和支持。<br /> BIRD项目旨在开发一个功能齐全的**动态 IP 路由守护进程**,主要针对(但不限于)Linux,FreeBSD和其他类UNIX系统,并在GNU通用公共许可证下分发。详细信息参照官网 [https://bird.network.cz](https://bird.network.cz/)<br /> calico 中的 [Bird](http://bird.network.cz/)是一个BGP client,它会主动读取felix在host上设置的路由信息,然后通过BGP协议广播出去.
bird github上主要是提供了 bird,bird6,birdcl 3个可执行程序
如果要通过编译源代码则有点不容易,我经过测试,通过下在 bird2.07 的源码比较靠谱
birdcl 命令
1987 birdcl -s /var/run/calico/bird.ctl show protocols
1988 birdcl -s /var/run/calico/bird.ctl show status
1989 birdcl -s /var/run/calico/bird.ctl show interface
1990 birdcl -s /var/run/calico/bird.ctl show protocols
1991 birdcl -s /var/run/calico/bird.ctl show ospf interface
1992 birdcl -s /var/run/calico/bird.ctl show ospf status
1993 birdcl -s /var/run/calico/bird.ctl show ospf state
1994 birdcl -s /var/run/calico/bird.ctl show state
1995 birdcl -s /var/run/calico/bird.ctl show static
1996 birdcl -s /var/run/calico/bird.ctl show bfd session
1997 birdcl -s /var/run/calico/bird.ctl show route
1998 birdcl -s /var/run/calico/bird.ctl show configurate
1999 birdcl -s /var/run/calico/bird.ctl dump routes
2000 birdcl -s /var/run/calico/bird.ctl show route
/usr/local/etc/bird.conf
cat /usr/local/etc/bird.conf
# This is a basic configuration file, which contains boilerplate options and
# some basic examples. It allows the BIRD daemon to start but will not cause
# anything else to happen.
#
# Please refer to the BIRD User’s Guide documentation, which is also available
# online at http://bird.network.cz/ in HTML format, for more information on
# configuring BIRD and adding routing protocols.
# Configure logging
log syslog all;
# log “/var/log/bird.log” { debug, trace, info, remote, warning, error, auth, fatal, bug };
# Set router ID. It is a unique identification of your router, usually one of
# IPv4 addresses of the router. It is recommended to configure it explicitly.
# router id 198.51.100.1;
# Turn on global debugging of all protocols (all messages or just selected classes)
# debug protocols all;
# debug protocols { events, states };
# Turn on internal watchdog
# watchdog warning 5 s;
# watchdog timeout 30 s;
# You can define your own constants
# define my_asn = 65000;
# define my_addr = 198.51.100.1;
# Tables master4 and master6 are defined by default
# ipv4 table master4;
# ipv6 table master6;
# Define more tables, e.g. for policy routing or as MRIB
# ipv4 table mrib4;
# ipv6 table mrib6;
# The Device protocol is not a real routing protocol. It does not generate any
# routes and it only serves as a module for getting information about network
# interfaces from the kernel. It is necessary in almost any configuration.
protocol device {
}
# The direct protocol is not a real routing protocol. It automatically generates
# direct routes to all network interfaces. Can exist in as many instances as you
# wish if you want to populate multiple routing tables with direct routes.
protocol direct {
disabled; # Disable by default
ipv4; # Connect to default IPv4 table
ipv6; # … and to default IPv6 table
}
# The Kernel protocol is not a real routing protocol. Instead of communicating
# with other routers in the network, it performs synchronization of BIRD
# routing tables with the OS kernel. One instance per table.
protocol kernel {
ipv4 { # Connect protocol to IPv4 table by channel
# table master4; # Default IPv4 table is master4
# import all; # Import to table, default is import all
export all; # Export to protocol. default is export none
};
# learn; # Learn alien routes from the kernel
# kernel table 10; # Kernel table to synchronize with (default: main)
}
# Another instance for IPv6, skipping default options
protocol kernel {
ipv6 { export all; };
}
# Static routes (Again, there can be multiple instances, for different address
# families and to disable/enable various groups of static routes on the fly).
protocol static {
ipv4; # Again, IPv4 channel with default options
# route 0.0.0.0/0 via 198.51.100.10;
# route 192.0.2.0/24 blackhole;
# route 10.0.0.0/8 unreachable;
# route 10.2.0.0/24 via “eth0”;
# # Static routes can be defined with optional attributes
# route 10.1.1.0/24 via 198.51.100.3 { rip_metric = 3; };
# route 10.1.2.0/24 via 198.51.100.3 { ospf_metric1 = 100; };
# route 10.1.3.0/24 via 198.51.100.4 { ospf_metric2 = 100; };
}
# Pipe protocol connects two routing tables. Beware of loops.
# protocol pipe {
# table master4; # No ipv4/ipv6 channel definition like in other protocols
# peer table mrib4;
# import all; # Direction peer table -> table
# export all; # Direction table -> peer table
# }
# RIP example, both RIP and RIPng are supported
# protocol rip {
# ipv4 {
# # Export direct, static routes and ones from RIP itself
# import all;
# export where source ~ [ RTS_DEVICE, RTS_STATIC, RTS_RIP ];
# };
# interface “eth“ {
# update time 10; # Default period is 30
# timeout time 60; # Default timeout is 180
# authentication cryptographic; # No authentication by default
# password “hello” { algorithm hmac sha256; }; # Default is MD5
# };
# }
# OSPF example, both OSPFv2 and OSPFv3 are supported
# protocol ospf v3 {
# ipv6 {
# import all;
# export where source = RTS_STATIC;
# };
# area 0 {
# interface “eth“ {
# type broadcast; # Detected by default
# cost 10; # Interface metric
# hello 5; # Default hello perid 10 is too long
# };
# interface “tun*” {
# type ptp; # PtP mode, avoids DR selection
# cost 100; # Interface metric
# hello 5; # Default hello perid 10 is too long
# };
# interface “dummy0” {
# stub; # Stub interface, just propagate it
# };
# };
#}
# Define simple filter as an example for BGP import filter
# See https://gitlab.labs.nic.cz/labs/bird/wikis/BGP_filtering for more examples
# filter rt_import
# {
# if bgp_path.first != 64496 then accept;
# if bgp_path.len > 64 then accept;
# if bgp_next_hop != from then accept;
# reject;
# }
# BGP example, explicit name ‘uplink1’ is used instead of default ‘bgp1’
# protocol bgp uplink1 {
# description “My BGP uplink”;
# local 198.51.100.1 as 65000;
# neighbor 198.51.100.10 as 64496;
# hold time 90; # Default is 240
# password “secret”; # Password used for MD5 authentication
#
# ipv4 { # regular IPv4 unicast (1/1)
# import filter rt_import;
# export where source ~ [ RTS_STATIC, RTS_BGP ];
# };
#
# ipv6 { # regular IPv6 unicast (2/1)
# import filter rt_import;
# export filter { # The same as ‘where’ expression above
# if source ~ [ RTS_STATIC, RTS_BGP ]
# then accept;
# else reject;
# };
# };
#
# ipv4 multicast { # IPv4 multicast topology (1/2)
# table mrib4; # explicit IPv4 table
# import filter rt_import;
# export all;
# };
#
# ipv6 multicast { # IPv6 multicast topology (2/2)
# table mrib6; # explicit IPv6 table
# import filter rt_import;
# export all;
# import filter rt_import;
# export all;
# };
#}
# Template example. Using templates to define IBGP route reflector clients.
# template bgp rr_clients {
# local 10.0.0.1 as 65000;
# neighbor as 65000;
# rr client;
# rr cluster id 1.0.0.1;
#
# ipv4 {
# import all;
# export where source = RTS_BGP;
# };
#
# ipv6 {
# import all;
# export where source = RTS_BGP;
# };
# }
#
# protocol bgp client1 from rr_clients {
# neighbor 10.0.1.1;
# }
#
# protocol bgp client2 from rr_clients {
# neighbor 10.0.2.1;
# }
#
# protocol bgp client3 from rr_clients {
# neighbor 10.0.3.1;
# }
root@node-10-120-13-236:~#
birdcl -s /var/run/calico/bird.ctl show route
BIRD v0.3.3+birdv1.6.8 ready.
0.0.0.0/0 via 10.120.13.1 on ens160 [kernel1 2020-12-31] (10)
192.168.98.0/26 via 10.120.13.237 on ens160 [Mesh_10_120_13_237 2020-12-31] (100/0) [i]
unreachable [Mesh_10_120_127_236 2021-01-01 from 10.120.127.236] (100/-) [i]
unreachable [Mesh_10_120_127_235 2021-01-01 from 10.120.127.235] (100/-) [i]
unreachable [Mesh_10_120_127_238 2021-01-01 from 10.120.127.238] (100/-) [i]
unreachable [Mesh_10_120_127_237 2021-01-01 from 10.120.127.237] (100/-) [i]
via 10.120.13.237 on ens160 [Mesh_10_120_13_238 2020-12-31 from 10.120.13.238] (100/0) [i]
via 10.120.13.237 on ens160 [kernel1 2020-12-31] (10)
192.168.100.0/26 blackhole [static1 2020-12-31] (200)
unreachable [Mesh_10_120_127_236 2021-01-01 from 10.120.127.236] (100/-) [i]
unreachable [Mesh_10_120_127_235 2021-01-01 from 10.120.127.235] (100/-) [i]
unreachable [Mesh_10_120_127_237 2021-01-01 from 10.120.127.237] (100/-) [i]
unreachable [Mesh_10_120_127_238 2021-01-01 from 10.120.127.238] (100/-) [i]
192.168.100.0/32 dev vxlan.calico [direct1 2020-12-31] (240)
192.168.100.5/32 dev calia2c25e78e3e [kernel1 2020-12-31] (10)
192.168.100.4/32 dev cali03f1aaccec2 [kernel1 2020-12-31] (10)
192.168.100.6/32 dev calicc710dcfd64 [kernel1 2020-12-31] (10)
192.168.69.192/26 via 10.120.13.1 on ens160 [Mesh_10_120_127_235 2021-01-01 from 10.120.127.235] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_236 2021-01-01 from 10.120.127.236] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_237 2021-01-01 from 10.120.127.237] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_238 2021-01-01 from 10.120.127.238] (100/?) [i]
unreachable [Mesh_10_120_13_237 2020-12-31 from 10.120.13.237] (100/-) [i]
unreachable [Mesh_10_120_13_238 2020-12-31 from 10.120.13.238] (100/-) [i]
via 192.168.69.192 on vxlan.calico [kernel1 2020-12-31] (10)
192.168.95.0/26 via 10.120.13.1 on ens160 [Mesh_10_120_127_235 2021-01-01 from 10.120.127.235] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_236 2021-01-01 from 10.120.127.236] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_237 2021-01-01 from 10.120.127.237] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_238 2021-01-01 from 10.120.127.238] (100/?) [i]
unreachable [Mesh_10_120_13_237 2020-12-31 from 10.120.13.237] (100/-) [i]
unreachable [Mesh_10_120_13_238 2020-12-31 from 10.120.13.238] (100/-) [i]
via 192.168.95.0 on vxlan.calico [kernel1 2020-12-31] (10)
192.168.34.192/26 via 10.120.13.238 on ens160 [Mesh_10_120_13_237 2020-12-31 from 10.120.13.237] (100/0) [i]
unreachable [Mesh_10_120_127_236 2021-01-01 from 10.120.127.236] (100/-) [i]
unreachable [Mesh_10_120_127_235 2021-01-01 from 10.120.127.235] (100/-) [i]
unreachable [Mesh_10_120_127_237 2021-01-01 from 10.120.127.237] (100/-) [i]
unreachable [Mesh_10_120_127_238 2021-01-01 from 10.120.127.238] (100/-) [i]
via 10.120.13.238 on ens160 [Mesh_10_120_13_238 2020-12-31] (100/0) [i]
via 10.120.13.238 on ens160 [kernel1 2020-12-31] (10)
192.168.56.128/26 via 10.120.13.1 on ens160 [Mesh_10_120_127_235 2021-01-01 from 10.120.127.235] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_236 2021-01-01 from 10.120.127.236] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_237 2021-01-01 from 10.120.127.237] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_238 2021-01-01 from 10.120.127.238] (100/?) [i]
unreachable [Mesh_10_120_13_237 2020-12-31 from 10.120.13.237] (100/-) [i]
unreachable [Mesh_10_120_13_238 2020-12-31 from 10.120.13.238] (100/-) [i]
via 192.168.56.128 on vxlan.calico [kernel1 2020-12-31] (10)
192.168.3.128/26 via 10.120.13.1 on ens160 [Mesh_10_120_127_235 2021-01-01 from 10.120.127.235] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_236 2021-01-01 from 10.120.127.236] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_237 2021-01-01 from 10.120.127.237] (100/?) [i]
via 10.120.13.1 on ens160 [Mesh_10_120_127_238 2021-01-01 from 10.120.127.238] (100/?) [i]
unreachable [Mesh_10_120_13_237 2020-12-31 from 10.120.13.237] (100/-) [i]
unreachable [Mesh_10_120_13_238 2020-12-31 from 10.120.13.238] (100/-) [i]
via 192.168.3.128 on vxlan.calico [kernel1 2020-12-31] (10)
10.120.13.0/24 dev ens160 [direct1 2020-12-31] (240)
172.17.0.0/16 dev docker0 [direct1 2020-12-31] (240)
bird的 github 上 有 配置的 样例
https://github.com/projectcalico/bird/blob/feature-ipinip/docker-image/test-config/bird.cfg
bird的官网也有例子
Generated by confd
include “bird_aggr.cfg”;
include “bird_ipam.cfg”;
router id 10.192.0.2;
# Configure synchronization between routing tables and kernel.
protocol kernel {
learn; # Learn all alien routes from the kernel
persist; # Don’t remove routes on bird shutdown
scan time 2; # Scan kernel routing table every 2 seconds
import all;
export filter calico_kernel_programming; # Default is export none
graceful restart; # Turn on graceful restart to reduce potential flaps in
# routes when reloading BIRD configuration. With a full
# automatic mesh, there is no way to prevent BGP from
# flapping since multiple nodes update their BGP
# configuration at the same time, GR is not guaranteed to
# work correctly in this scenario.
}
# Watch interface up/down events.
protocol device {
debug { states };
scan time 2; # Scan interfaces every 2 seconds
}
protocol direct {
debug { states };
interface -“cali“, ““; # Exclude cali* but include everything else.
}
# Template for all BGP clients
template bgp bgp_template {
debug { states };
description “Connection to BGP peer”;
local as 64512;
multihop;
gateway recursive; # This should be the default, but just in case.
import all; # Import all routes, since we don’t know what the upstream
# topology is and therefore have to trust the ToR/RR.
export filter calico_export_to_bgp_peers; # Only want to export routes for workloads.
source address 10.192.0.2; # The local address we use for the TCP connection
add paths on;
graceful restart; # See comment in kernel section about graceful restart.
connect delay time 2;
connect retry time 5;
error wait time 5,30;
}
# ——————- Node-to-node mesh ——————-
# This node is configured as a route reflector with cluster ID 10.0.0.1;
# ignore node-to-node mesh setting.
# ——————- Global peers ——————-
# No global peers configured.
# ——————- Node-specific peers ——————-
# For peer /host/kube-master/peer_v4/172.19.4.87
protocol bgp Node_172_19_4_87 from bgp_template {
neighbor 172.19.4.87 as 64533;
}
若有收获,就点个赞吧
0 人点赞
