Add script to update roa

.gitignore

@@ -1,2 +1,3 @@
 conf
 concrete
+roa*.conf

bird.conf

@@ -1,6 +1,7 @@
 # Refer: https://dn42.dev/howto/Bird2
 # Refer: https://lantian.pub/article/modify-website/bird-confederation.lantian
 
+include "/etc/bird/net-info.conf";
 include "/etc/bird/conf/net-info.conf";
 
 router id OWNIP;
@@ -55,18 +56,14 @@ function is_valid_network_v6() {
 }
 
 function is_kas_network() {
-    if net ~ [
+    if net ~ KASNET_SET then accept;
-        172.16.0.0/24+
-    ] then accept;
     if is_valid_network() && source ~ [RTS_STATIC, RTS_BGP] then {
         accept;
     } else reject;
 }
 
 function is_kas_network_v6() {
-    if net ~ [
+    if net ~ KASNET_SETv6 then accept;
-        fd08:93f3:b7eb::def:0/112+
-    ] then accept;
     if is_valid_network_v6() && source ~ [RTS_STATIC, RTS_BGP] then {
         accept;
     } else reject;
@@ -131,7 +128,7 @@ template bgp dn42_external_peer {
         };
 
         export filter {
-            bgp_path.delete([4215350000..4215359999]);
+            bgp_path.delete(KASNET_ASSET);
             if is_valid_network() && source ~ [RTS_STATIC, RTS_BGP] then accept; else reject;
         };
         import limit 1000 action block;
@@ -147,7 +144,7 @@ template bgp dn42_external_peer {
             } else reject;
         };
         export filter {
-          bgp_path.delete([4215350000..4215359999]);
+          bgp_path.delete(KASNET_ASSET);
           if is_valid_network_v6() && source ~ [RTS_STATIC, RTS_BGP] then accept; else reject;
         };
         import limit 1000 action block; 
@@ -190,6 +187,11 @@ template bgp kas_internal_peer {
     };
 };
 
+# Config for peering eBGPs
 include "/etc/bird/conf/peers/*.conf";
+
+# Config for peering edges (those nodes peering with eBGP)
 include "/etc/bird/conf/edges/*.conf";
+
+# Config for peering internals
 include "/etc/bird/conf/internals/*.conf";

example/net-info.conf

@@ -1,16 +1,11 @@
-# DN42 ASN
+#####################
-define OWNAS = 4242421535;
+# Node Network Info #
+#####################
 
 # Node IP
 define OWNIP = 172.20.150.129;
 define OWNIPv6 = fd08:93f3:b7eb::1;
 
-# DN42 IP Prefix
-define OWNNET = 172.20.150.128/28;
-define OWNNETv6 = fd08:93f3:b7eb::/48;
-define OWNNETSET = [172.20.150.128/28+];
-define OWNNETSETv6 = [fd08:93f3:b7eb::/48+];
-
 # Private ASN (for BGP confederation)
 #   my format: 42<dn42 asn last 4 digit><node ip last 8 bit>
 define KASNET_AS = 4215350129;

net-info.conf

@@ -0,0 +1,21 @@
+#######################
+# Common Network Info #
+#######################
+
+# DN42 ASN
+define OWNAS = 4242421535;
+
+# DN42 IP Prefix
+define OWNNET = 172.20.150.128/28;
+define OWNNETv6 = fd08:93f3:b7eb::/48;
+define OWNNETSET = [172.20.150.128/28+];
+define OWNNETSETv6 = [fd08:93f3:b7eb::/48+];
+
+# Private ASN Set (!Important! should contian ALL your private asn)
+define KASNET_ASSET = [4215350000..4215359999];
+
+# Private Network prefix (for BGP confederation)
+define KASNET_SET = [172.16.0.0/24+];
+
+# Private Network IPv6 prefix (for BGP confederation)
+define KASNET_SETv6 = [fd08:93f3:b7eb::def:0/112+]; 

script/update_roa.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+set -e
+
+BIRD_CONF_DIR=$(dirname "$0")/../
+
+# Root check
+if [[ $(id -u) -ne 0 ]]; then
+    echo "Run this script with root!" >&2
+    exit 1
+fi
+
+# Update from: https://dn42.burble.com/services/public/#roa-data
+echo "Updating IPv4 roa..."
+curl -sfSLR -o$BIRD_CONF_DIR/roa_dn42.conf -z$BIRD_CONF_DIR/roa_dn42.conf https://dn42.burble.com/roa/dn42_roa_bird2_4.conf
+
+echo "Updating IPv6 roa..."
+curl -sfSLR -o$BIRD_CONF_DIR/roa_dn42_v6.conf -z$BIRD_CONF_DIR/roa_dn42_v6.conf https://dn42.burble.com/roa/dn42_roa_bird2_6.conf
+
+echo "Re-configuring..."
+/usr/sbin/birdc configure
+
+echo "ROA Data updated"