From a1222f13cceeb706bd7a5577ce5104b74bf2ae10 Mon Sep 17 00:00:00 2001 From: Donavan Fritz Date: Fri, 24 Apr 2026 23:06:25 -0500 Subject: [PATCH] bird: add `learn` + explicit static blackhole protocols BIRD2's protocol kernel does not import kernel routes by default; the import filter on the channel is just for what BIRD has already learned. Added `learn;` so the kernel-installed blackholes (from the agent's SummaryRoutes) are picked up. Also added explicit `protocol static static6/static4` with one `route blackhole;` per NodeConfig CIDR. This is belt-and- suspenders: even if `learn` doesn't capture the kernel blackhole, BIRD has the route directly and exports it via the BGP filter. Co-Authored-By: Claude Sonnet 4.6 (1M context) --- pkg/routing/bird/config.go | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/pkg/routing/bird/config.go b/pkg/routing/bird/config.go index ced0886..a97f35d 100644 --- a/pkg/routing/bird/config.go +++ b/pkg/routing/bird/config.go @@ -43,17 +43,30 @@ protocol device { scan time 10; } protocol direct { interface "lo"; } protocol kernel kernel6 { + learn; ipv6 { import all; export all; }; } protocol kernel kernel4 { + learn; ipv4 { import all; export all; }; } + +protocol static static6 { + ipv6; + {{range $cidr := .CIDR6}}route {{$cidr}} blackhole; + {{end}} +} +protocol static static4 { + ipv4; + {{range $cidr := .CIDR4}}route {{$cidr}} blackhole; + {{end}} +} {{range $i, $p := .Peers}}{{if eq $p.Family "v6"}} protocol bgp upstream6_{{$i}} { local as {{$.LocalASN}};