That is almost the same methodology I used in other engines(RPL and XPL).
But, after having some issues on performance of control plane, I needed to
change a bit...
Splitting the IFs of v4 and v6, and then inside that IF testing for the
Prefix-list.
Doing that recursion on IFs, reduced a bit the impact on CPU of
route-filtering job.
I'm curious if Bind has some method to optimize logic and sequence of those
combined tests in some how.
Em ter., 23 de jan. de 2024 às 10:44, Luiz Amaral <em...@luiz.eng.br>
escreveu:
> Hello Nico,
>
> I make separate defines per family (like you did) and then in my filters
> I just use:
> if (net.type = NET_IP4 && ! (net ~ ASxxx_IPV4)) then reject;
> if (net.type = NET_IP6 && ! (net ~ ASxxx_IPV6)) then reject;
>
> Best,
> Luiz
>
> On 23/01/2024 14:13, Nico Schottelius via Bird-users wrote:
> > Hello bird users,
> >
> > I am wondering how you handle matching both IPv6 and IPv4 prefixes
> > efficiently.
> >
> > We have tons of blocks in our config like these:
> >
> > define net_genauso_v6 = [
> > 2a0a:5480::/29+
> > ];
> >
> > define net_genauso_v4 = [
> > 185.203.113.0/24,
> > 185.116.114.0/24
> > ];
> >
> > And then later we have a function that combines them like this:
> >
> > function is_genauso() -> bool
> > {
> > if ((net ~ net_genauso_v6) ||
> > (net ~ net_genauso_v4)) then {
> > return true;
> > }
> >
> > return false;
> > }
> >
> > And then much later, we have various filters utilising the function, the
> > most simple one being:
> >
> > filter genauso {
> > if(is_genauso()) then accept;
> > reject;
> > }
> >
> > Which is then used in both IPv4 & IPv6 channels:
> >
> > protocol bgp incoming_r2ge {
> > ...
> >
> > ipv6 {
> > import filter genauso;
> > export none;
> > };
> >
> > ipv4 {
> > import filter genauso;
> > export none;
> > extended next hop on;
> > };
> > }
> >
> >
> > Instead of writing a wrapper function for each peer/constellation, it
> > would be great if we could do something like that:
> >
> > define net_genauso = [
> > 2a0a:5480::/29+,
> > 185.203.113.0/24,
> > 185.116.114.0/24
> > ];
> >
> > ...
> > filter genauso {
> > if(net ~ net_genauso) then accept;
> > reject;
> > }
> > ...
> >
> > However as of bird 2.14, this results in the following error:
> >
> > bridge:~nico# bird -f -c ./bird.conf
> > bird: ./bird.conf:208:23 Mixed IPv4/IPv6 prefixes in prefix set.
> >
> > So my question is, how do you usually match on the two families? Do you
> > also write a wrapper function like above? Or do you have a smarter way?
> >
> > BR,
> >
> > Nico
> >
> > --
> > Sustainable and modern Infrastructures by ungleich.ch
>
>
--
Douglas Fernando Fischer
Engº de Controle e Automação
