Changes in 8dc9c06: Simplify valid networks, we don't route public ip space, it's not working properly!

				howto/Bird.md
			
          @@ -108,91 +108,12 @@ define OWNIP = <GATEWAY_IP>;

           function is_self_net() {

             return net ~ [<SUBNET>+];

           }

          -```

          -

          -Generate the filter list from the monotone repository

          -

          -```

          -$ cd net.dn42.registry

          -$ ruby utils/bgp-filter.rb --format bird < data/filter6.txt > /etc/bird/filter6.conf

          -

          -or

          -$ curl -s https://ca.dn42.us/reg/filter6.txt | \

          -    awk '/^[0-9]/ && $2 ~ /permit/ {printf "%s{%s,%s}\n", $3, $4, $5}' | \

          -    awk 'BEGIN {printf "function is_valid_network() {\n return net ~ [\n"} \

          -        NR > 1 {printf ",\n"} {printf "  %s", $1}

          -        END {printf "\n ];\n}\n"}' > /etc/bird/filter6.conf

          -```

          -

          -example filter list:

          -

          -```

           function is_valid_network() {

             return net ~ [

          -    fc00::/8{48,64}, # ULA (undefined)

          -    fd00::/8{48,64}, # ULA (defined)

          -    2001:67c:20c1::/48{48,48}, # E-UTP IPv6

          -    2001:bf7::/32{32,128}, # Freifunk (Foerderverein Freie Netzwerke) IPv6 Range

          -    2001:67c:20a1::/48{48,48}, # CCC Event Network

          -    2001:0470:006c:01d5::/64{64,64}, # Registered IANA

          -    2001:0470:006d:0655::/64{64,64},

          -    2001:0470:1f09:172d::/64{64,64},

          -    2001:0470:1f0b:0592::/64{64,64},

          -    2001:0470:1f0b:0bca::/64{64,64},

          -    2001:0470:1f0b:1af5::/64{64,64},

          -    2001:0470:1f10:0275::/64{64,64},

          -    2001:0470:1f12:0004::/64{64,64},

          -    2001:0470:5084::/48{48,64},

          -    2001:0470:51c6::/48{48,64},

          -    2001:0470:73d3::/48{48,64},

          -    2001:0470:7972::/48{48,64},

          -    2001:0470:9949::/48{48,64},

          -    2001:0470:99fc::/48{48,64},

          -    2001:0470:9af8::/48{48,64},

          -    2001:0470:9ce6::/55{55,64},

          -    2001:0470:9f43::/48{48,64},

          -    2001:0470:caab::/48{48,64},

          -    2001:0470:cd99::/48{48,64},

          -    2001:0470:d4df::/48{48,64},

          -    2001:0470:d889:0010::/64{64,64},

          -    2001:0470:e3f0:000a::/64{64,64},

          -    2001:067c:21ec::/48{48,64},

          -    2001:06f8:1019:0000::/64{64,64},

          -    2001:06f8:118b::/48{48,64},

          -    2001:06f8:1194::/48{48,64},

          -    2001:06f8:121a::/48{48,64},

          -    2001:06f8:1c1b::/48{48,64},

          -    2001:06f8:1d14::/48{48,64},

          -    2001:06f8:1d26::/48{48,64},

          -    2001:06f8:1d53::/48{48,64},

          -    2001:07f0:3003::/48{48,64},

          -    2001:08d8:0081:05c8::/63{63,64},  

          -    2001:08d8:0081:05ca::/64{64,64},

          -    2001:15c0:1000:0100::/64{64,64},

          -    2001:1b60:1000:0001::/64{64,64},

          -    2001:41d0:0001:b6bb::/64{64,64},

          -    2001:41d0:0001:cd42::/64{64,64},

          -    2001:4dd0:fcff::/48{48,64},

          -    2001:4dd0:fdd3::/48{48,64},

          -    2001:4dd0:ff00:8710::/64{64,64},

          -    2604:8800:0179:4200::/56{56,64},

          -    2801:0000:80:8000::/50{50,64},

          -    2a00:1328:e101:0200::/56{56,64},

          -    2a00:1828:2000:0289::/64{64,64},

          -    2a00:1828:a013:d242::/64{64,64},

          -    2a00:5540:0387::/48{48,64},

          -    2a01:0198:022c::/48{48,64},

          -    2a01:0198:035a:fd13::/64{64,64},

          -    2a01:0198:0485::/48{48,64},

          -    2a01:04f8:0121:4fff::/64{64,64},

          -    2a01:04f8:0140:1ffd::/64{64,64},

          -    2a01:04f8:0d13:17c0::/64{64,64},

          -    2a02:0a00:e010:3c00::/56{56,64},

          -    2a02:0ee0:0002:0051::/64{64,64},

          -    2a03:2260::/30{30,64}

          -  ];

          -} 

          +    'fd00::/8' # ULA address space as per RFC 4193

          +  ]

          +}

           ```

           ```

          @@ -297,52 +218,18 @@ define OWNIP = <GATEWAY_IP>;

           function is_self_net() {

             return net ~ [<SUBNET>+];

           }

          -```

          -

          -Generate the filter list from the monotone repository

          -

          -```

          -$ cd net.dn42.registry

          -$ ruby utils/bgp-filter.rb --format bird < data/filter.txt > /var/lib/bird/filter4.conf

          -

          -or

          -$ curl -s https://ca.dn42.us/reg/filter.txt | \

          -    awk '/^[0-9]/ && $2 ~ /permit/ {printf "%s{%s,%s}\n", $3, $4, $5}' | \

          -    awk 'BEGIN {printf "function is_valid_network() {\n return net ~ [\n"} \

          -        NR > 1 {printf ",\n"} {printf "  %s", $1}

          -        END {printf "\n ];\n}\n"}' > /var/lib/bird/filter4.conf

          -```

          -

          -example filter list:

          -

          -```

           function is_valid_network() {

             return net ~ [

          -    172.20.0.0/14{21,29}, # dn42 main net

          -    172.20.0.0/24{28,32}, # dn42 Anycast range

          -    172.21.0.0/24{28,32}, # dn42 Anycast range

          -    172.22.0.0/24{28,32}, # dn42 Anycast range

          -    172.23.0.0/24{28,32}, # dn42 Anycast range

          -    192.175.48.0/24{24,32}, # AS112-prefix for reverse-dns  

          -    10.0.0.0/8{12,28}, # freifunk/chaosvpn

          -    172.31.0.0/16{22,28}, # chaosvpn

          -    100.64.0.0/10{12,28}, # iana private range

          -    195.160.168.0/23{23,28}, # ctdo

          -    91.204.4.0/22{22,28}, # free.de via ctdo

          -    193.43.220.0/23{23,28}, # durchdieluft via ctdo

          -    83.133.178.0/23{23,28}, # muccc kapsel

          -    87.106.29.254/32{32,32}, # wintix (please don' announce /32)

          -    85.25.246.16/28{28,32}, # leon

          -    46.4.248.192/27{27,32}, # welterde

          -    94.45.224.0/19{19,28}, # ccc event network

          -    151.217.0.0/16{16,28}, # ccc event network 2

          -    195.191.196.0/23{23,29}, # ichdasich pi space

          -    80.244.241.224/27{27,32}, # jchome service network

          -    188.40.34.241/32{32,32},

          -    37.1.89.192/26{26,28}, # siska

          -    87.98.246.19/32{32,32}

          -  ];

          +    172.20.0.0/14{21,29}, # dn42

          +    172.20.0.0/24{28,32}, # dn42 Anycast

          +    172.21.0.0/24{28,32}, # dn42 Anycast

          +    172.22.0.0/24{28,32}, # dn42 Anycast

          +    172.23.0.0/24{28,32}, # dn42 Anycast

          +    172.31.0.0/16+,       # ChaosVPN

          +    10.100.0.0/14+,       # ChaosVPN

          +    10.0.0.0/8{15,22}     # Freifunk.net

          +  ]

           }

           ```

...	...	@@ -108,91 +108,12 @@ define OWNIP = <GATEWAY_IP>;
108	108	function is_self_net() {
109	109	return net ~ [<SUBNET>+];
110	110	}
111		-```
112		-
113		-Generate the filter list from the monotone repository
114		-
115		-```
116		-$ cd net.dn42.registry
117		-$ ruby utils/bgp-filter.rb --format bird < data/filter6.txt > /etc/bird/filter6.conf
118		-
119		-or
120	111
121		-$ curl -s https://ca.dn42.us/reg/filter6.txt \| \
122		- awk '/^[0-9]/ && $2 ~ /permit/ {printf "%s{%s,%s}\n", $3, $4, $5}' \| \
123		- awk 'BEGIN {printf "function is_valid_network() {\n return net ~ [\n"} \
124		- NR > 1 {printf ",\n"} {printf " %s", $1}
125		- END {printf "\n ];\n}\n"}' > /etc/bird/filter6.conf
126		-```
127		-
128		-example filter list:
129		-
130		-```
131	112	function is_valid_network() {
132	113	return net ~ [
133		- fc00::/8{48,64}, # ULA (undefined)
134		- fd00::/8{48,64}, # ULA (defined)
135		- 2001:67c:20c1::/48{48,48}, # E-UTP IPv6
136		- 2001:bf7::/32{32,128}, # Freifunk (Foerderverein Freie Netzwerke) IPv6 Range
137		- 2001:67c:20a1::/48{48,48}, # CCC Event Network
138		- 2001:0470:006c:01d5::/64{64,64}, # Registered IANA
139		- 2001:0470:006d:0655::/64{64,64},
140		- 2001:0470:1f09:172d::/64{64,64},
141		- 2001:0470:1f0b:0592::/64{64,64},
142		- 2001:0470:1f0b:0bca::/64{64,64},
143		- 2001:0470:1f0b:1af5::/64{64,64},
144		- 2001:0470:1f10:0275::/64{64,64},
145		- 2001:0470:1f12:0004::/64{64,64},
146		- 2001:0470:5084::/48{48,64},
147		- 2001:0470:51c6::/48{48,64},
148		- 2001:0470:73d3::/48{48,64},
149		- 2001:0470:7972::/48{48,64},
150		- 2001:0470:9949::/48{48,64},
151		- 2001:0470:99fc::/48{48,64},
152		- 2001:0470:9af8::/48{48,64},
153		- 2001:0470:9ce6::/55{55,64},
154		- 2001:0470:9f43::/48{48,64},
155		- 2001:0470:caab::/48{48,64},
156		- 2001:0470:cd99::/48{48,64},
157		- 2001:0470:d4df::/48{48,64},
158		- 2001:0470:d889:0010::/64{64,64},
159		- 2001:0470:e3f0:000a::/64{64,64},
160		- 2001:067c:21ec::/48{48,64},
161		- 2001:06f8:1019:0000::/64{64,64},
162		- 2001:06f8:118b::/48{48,64},
163		- 2001:06f8:1194::/48{48,64},
164		- 2001:06f8:121a::/48{48,64},
165		- 2001:06f8:1c1b::/48{48,64},
166		- 2001:06f8:1d14::/48{48,64},
167		- 2001:06f8:1d26::/48{48,64},
168		- 2001:06f8:1d53::/48{48,64},
169		- 2001:07f0:3003::/48{48,64},
170		- 2001:08d8:0081:05c8::/63{63,64},
171		- 2001:08d8:0081:05ca::/64{64,64},
172		- 2001:15c0:1000:0100::/64{64,64},
173		- 2001:1b60:1000:0001::/64{64,64},
174		- 2001:41d0:0001:b6bb::/64{64,64},
175		- 2001:41d0:0001:cd42::/64{64,64},
176		- 2001:4dd0:fcff::/48{48,64},
177		- 2001:4dd0:fdd3::/48{48,64},
178		- 2001:4dd0:ff00:8710::/64{64,64},
179		- 2604:8800:0179:4200::/56{56,64},
180		- 2801:0000:80:8000::/50{50,64},
181		- 2a00:1328:e101:0200::/56{56,64},
182		- 2a00:1828:2000:0289::/64{64,64},
183		- 2a00:1828:a013:d242::/64{64,64},
184		- 2a00:5540:0387::/48{48,64},
185		- 2a01:0198:022c::/48{48,64},
186		- 2a01:0198:035a:fd13::/64{64,64},
187		- 2a01:0198:0485::/48{48,64},
188		- 2a01:04f8:0121:4fff::/64{64,64},
189		- 2a01:04f8:0140:1ffd::/64{64,64},
190		- 2a01:04f8:0d13:17c0::/64{64,64},
191		- 2a02:0a00:e010:3c00::/56{56,64},
192		- 2a02:0ee0:0002:0051::/64{64,64},
193		- 2a03:2260::/30{30,64}
194		- ];
195		-}
	114	+ 'fd00::/8' # ULA address space as per RFC 4193
	115	+ ]
	116	+}
196	117	```
197	118
198	119	```
...	...	@@ -297,52 +218,18 @@ define OWNIP = <GATEWAY_IP>;
297	218	function is_self_net() {
298	219	return net ~ [<SUBNET>+];
299	220	}
300		-```
301		-
302		-Generate the filter list from the monotone repository
303		-
304		-```
305		-$ cd net.dn42.registry
306		-$ ruby utils/bgp-filter.rb --format bird < data/filter.txt > /var/lib/bird/filter4.conf
307		-
308		-or
309	221
310		-$ curl -s https://ca.dn42.us/reg/filter.txt \| \
311		- awk '/^[0-9]/ && $2 ~ /permit/ {printf "%s{%s,%s}\n", $3, $4, $5}' \| \
312		- awk 'BEGIN {printf "function is_valid_network() {\n return net ~ [\n"} \
313		- NR > 1 {printf ",\n"} {printf " %s", $1}
314		- END {printf "\n ];\n}\n"}' > /var/lib/bird/filter4.conf
315		-```
316		-
317		-example filter list:
318		-
319		-```
320	222	function is_valid_network() {
321	223	return net ~ [
322		- 172.20.0.0/14{21,29}, # dn42 main net
323		- 172.20.0.0/24{28,32}, # dn42 Anycast range
324		- 172.21.0.0/24{28,32}, # dn42 Anycast range
325		- 172.22.0.0/24{28,32}, # dn42 Anycast range
326		- 172.23.0.0/24{28,32}, # dn42 Anycast range
327		- 192.175.48.0/24{24,32}, # AS112-prefix for reverse-dns
328		- 10.0.0.0/8{12,28}, # freifunk/chaosvpn
329		- 172.31.0.0/16{22,28}, # chaosvpn
330		- 100.64.0.0/10{12,28}, # iana private range
331		- 195.160.168.0/23{23,28}, # ctdo
332		- 91.204.4.0/22{22,28}, # free.de via ctdo
333		- 193.43.220.0/23{23,28}, # durchdieluft via ctdo
334		- 83.133.178.0/23{23,28}, # muccc kapsel
335		- 87.106.29.254/32{32,32}, # wintix (please don' announce /32)
336		- 85.25.246.16/28{28,32}, # leon
337		- 46.4.248.192/27{27,32}, # welterde
338		- 94.45.224.0/19{19,28}, # ccc event network
339		- 151.217.0.0/16{16,28}, # ccc event network 2
340		- 195.191.196.0/23{23,29}, # ichdasich pi space
341		- 80.244.241.224/27{27,32}, # jchome service network
342		- 188.40.34.241/32{32,32},
343		- 37.1.89.192/26{26,28}, # siska
344		- 87.98.246.19/32{32,32}
345		- ];
	224	+ 172.20.0.0/14{21,29}, # dn42
	225	+ 172.20.0.0/24{28,32}, # dn42 Anycast
	226	+ 172.21.0.0/24{28,32}, # dn42 Anycast
	227	+ 172.22.0.0/24{28,32}, # dn42 Anycast
	228	+ 172.23.0.0/24{28,32}, # dn42 Anycast
	229	+ 172.31.0.0/16+, # ChaosVPN
	230	+ 10.100.0.0/14+, # ChaosVPN
	231	+ 10.0.0.0/8{15,22} # Freifunk.net
	232	+ ]
346	233	}
347	234	```
348	235