On Sat, Jul 09, 2022 at 10:44:26AM +0200, Nico Schottelius wrote: > > Good morning fellow bird users, > > I was wondering how you handle "dynamic reconfigurations" such as > rerouting, adding filters, changing the priority of routes in case of > attacks? > > In particular I wonder if there is a "good way" to tell bird to lower or > raise a certain route temporarily, i.e. something that would be reset on > a reload? Or to tell bird to forget about specific routes that you want > to filter for blackholing certain parts? > > So far in case of attacks we usually edit bird.conf, reload > bird and after the attacks are done, purge/overwrite the config with our > config management (cdist in our case). > > This works, but has a bit of a write-reload instead of a set-and-forget > behaviour, and I was more looking to something like "set on a switch, > but don't issue the write command"-mode. > > Any thoughts on this?
Hello Two ideas: 1) Use separate copy of a config file, and then use it as an argument: configure "bird-temp.conf" So your basic configuration stays unchanged. 2) Use some additional kernel routing table for these dynamic routes and import them to BIRD using kernel protocol with 'learn' option. Then add/remove these routes using 'ip' system tool. BTW, your e-mail has date 2022-07-09. but all headers have today date (2022-07-14). -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: [email protected]) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
