From 872fbea418f9762ea8135891b7d31c73f19e2b82 Mon Sep 17 00:00:00 2001 From: clerie Date: Thu, 17 Dec 2020 01:35:27 +0100 Subject: [PATCH] Init ibgp routing --- configuration/router/default.nix | 2 ++ hosts/carbon/configuration.nix | 36 ++++++++++++++++++++++ hosts/nonat/configuration.nix | 52 +++++++++++++++++++++++++++----- hosts/porter/configuration.nix | 36 ++++++++++++++++++++++ 4 files changed, 118 insertions(+), 8 deletions(-) diff --git a/configuration/router/default.nix b/configuration/router/default.nix index d36f491..5ef8c8f 100644 --- a/configuration/router/default.nix +++ b/configuration/router/default.nix @@ -10,6 +10,8 @@ "net.ipv6.conf.all.forwarding" = true; }; + # Open Firewall for BGP + networking.firewall.allowedTCPPorts = [ 179 ]; # Open Fireall for OSPF networking.firewall.extraCommands = '' ip6tables -A INPUT -p ospfigp -j ACCEPT diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix index 78fae22..4cacc17 100644 --- a/hosts/carbon/configuration.nix +++ b/hosts/carbon/configuration.nix @@ -57,6 +57,8 @@ ipv6 table ospf6; ipv4 table ospf4; + ipv6 table bgp6; + ipv4 table bgp4; protocol direct direct_lo { interface "lo"; @@ -128,6 +130,40 @@ }; } + template bgp ibgp6 { + local as 4200002574; + graceful restart on; + source address ${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address }; + ipv6 { + table bgp6; + next hop self; + import keep filtered; + import all; + export all; + }; + } + + template bgp ibgp4 { + local as 4200002574; + graceful restart on; + source address ${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address }; + ipv4 { + table bgp4; + next hop self; + import keep filtered; + import all; + export all; + }; + } + + protocol bgp bgp_nonat from ibgp6 { + neighbor fd00:152:152:103::1 as 4200002574; + } + + protocol bgp bgp_porter from ibgp6 { + neighbor fd00:152:152:102::1 as 4200002574; + } + protocol device { scan time 10; } 
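Review bot: `networking.firewall.allowedTCPPorts = [ 179 ];` in configuration/router/default.nix opens the BGP port on every interface of every host that imports this module, although all sessions configured in this commit run between fd00:152:152:… loopback addresses. BIRD only completes sessions with configured neighbors, but the listener is still reachable from any attached network; nonat, for one, has an upstream default gateway according to its static routes. Consider scoping the rule to the internal links with `networking.firewall.interfaces.<name>.allowedTCPPorts = [ 179 ];`, or to the peer prefix in `extraCommands` next to the existing OSPF rule. The comment could then read `# Open firewall for iBGP (internal peers only)`.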
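Review bot: The `ibgp6`/`ibgp4` templates in hosts/carbon/configuration.nix set no session authentication and use `import all; export all;`, so whatever a peer announces lands unfiltered in `bgp6`. The same templates are repeated in the nonat and porter hunks. BIRD's `password` option would enable TCP MD5 on the sessions, but a literal written here ends up in the world-readable Nix store, so it would have to come from a file included from outside the store. An import filter limited to the prefixes this network expects would bound what a misconfigured or compromised router can inject. `import keep filtered;` only starts to matter once such a filter rejects something.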
diff --git a/hosts/nonat/configuration.nix b/hosts/nonat/configuration.nix index d2538fd..6bd6bab 100644 --- a/hosts/nonat/configuration.nix +++ b/hosts/nonat/configuration.nix @@ -72,17 +72,19 @@ ipv6 table ospf6; ipv4 table ospf4; + ipv6 table bgp6; + ipv4 table bgp4; - protocol static static_6 { + protocol static static_bgp6 { ipv6 { - table ospf6; + table bgp6; }; route 2001:638:904::/48 via ${config.networking.defaultGateway6.address}; } - protocol static static_4 { + protocol static static_bgp4 { ipv4 { - table ospf4; + table bgp4; }; route 141.24.0.0/16 via ${config.networking.defaultGateway.address}; } @@ -107,22 +109,22 @@ }; } - protocol kernel kernel_6 { + protocol kernel kernel_ospf6 { ipv6 { table ospf6; export filter { - krt_prefsrc=fd00:152:152:103::1; + krt_prefsrc=${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address }; accept; }; import none; }; } - protocol kernel kernel_4 { + protocol kernel kernel_ospf4 { ipv4 { table ospf4; export filter { - krt_prefsrc=10.152.103.1; + krt_prefsrc=${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address }; accept; }; import none; @@ -157,6 +159,40 @@ }; } + template bgp ibgp6 { + local as 4200002574; + graceful restart on; + source address ${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address }; + ipv6 { + table bgp6; + next hop self; + import keep filtered; + import all; + export all; + }; + } + + template bgp ibgp4 { + local as 4200002574; + graceful restart on; + source address ${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address }; + ipv4 { + table bgp4; + next hop self; + import keep filtered; + import all; + export all; + }; + } + + protocol bgp bgp_carbon from ibgp6 { + neighbor fd00:152:152:104::1 as 4200002574; + } + + protocol bgp bgp_porter from ibgp6 { + neighbor fd00:152:152:102::1 as 4200002574; + } + protocol device { scan time 10; } diff --git a/hosts/porter/configuration.nix b/hosts/porter/configuration.nix index 38bf535..4e6acea 100644 
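Review bot: `static_bgp4` now places 141.24.0.0/16 in `bgp4`, but every `protocol bgp` added in this commit derives `from ibgp6`, whose only channel is `ipv6`. Nothing visible instantiates `ibgp4`. Unless a pipe or kernel protocol outside these hunks reads `bgp4`, the IPv4 route stops being distributed once it leaves `ospf4`. Either add IPv4 sessions derived from `ibgp4`, or mark the gap on the static protocol with a comment such as `# TODO: no ibgp4 sessions yet, this route stays local`.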
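Review bot: `krt_prefsrc` in `kernel_ospf6`/`kernel_ospf4` is now taken from `lib.head config.networking.interfaces.lo.ipv6.addresses` and its IPv4 twin, so it depends on the order of the `lo` address list. The `source address` in the BGP templates has the same dependency. carbon and porter still hard-code this host as `neighbor fd00:152:152:103::1`, so prepending another loopback address would silently change the session source and break peering. A comment above the kernel protocols would make the constraint visible, e.g. `# first lo address must remain the address peers configure as neighbor`.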
--- a/hosts/porter/configuration.nix +++ b/hosts/porter/configuration.nix @@ -64,6 +64,8 @@ ipv6 table ospf6; ipv4 table ospf4; + ipv6 table bgp6; + ipv4 table bgp4; protocol direct { interface "lo"; @@ -133,6 +135,40 @@ }; } + template bgp ibgp6 { + local as 4200002574; + graceful restart on; + source address ${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address }; + ipv6 { + table bgp6; + next hop self; + import keep filtered; + import all; + export all; + }; + } + + template bgp ibgp4 { + local as 4200002574; + graceful restart on; + source address ${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address }; + ipv4 { + table bgp4; + next hop self; + import keep filtered; + import all; + export all; + }; + } + + protocol bgp bgp_carbon from ibgp6 { + neighbor fd00:152:152:104::1 as 4200002574; + } + + protocol bgp bgp_nonat from ibgp6 { + neighbor fd00:152:152:103::1 as 4200002574; + } + protocol device { scan time 10; }