Skip to main content

Configuration

Config

peeringdb-query-timeout

PeeringDB query timeout in seconds

TypeDefaultValidation
uint10

peeringdb-api-key

PeeringDB API key

TypeDefaultValidation
string

peeringdb-cache

Cache PeeringDB results

TypeDefaultValidation
booltrue

irr-query-timeout

IRR query timeout in seconds

TypeDefaultValidation
uint30

bird-directory

Directory to store BIRD configs

TypeDefaultValidation
string/etc/bird/

bird-binary

Path to BIRD binary

TypeDefaultValidation
string/usr/sbin/bird

bird-socket

UNIX control socket for BIRD

TypeDefaultValidation
string/run/bird/bird.ctl

cache-directory

Directory to store runtime configuration cache

TypeDefaultValidation
string/var/run/pathvector/cache/

keepalived-config

Configuration file for keepalived

TypeDefaultValidation
string/etc/keepalived.conf

web-ui-file

File to write web UI to (disabled if empty)

TypeDefaultValidation
string

log-file

Log file location

TypeDefaultValidation
stringsyslog

global-config

Global BIRD configuration

TypeDefaultValidation
string

peeringdb-url

PeeringDB API URL, can be set to a local PeeringDB cache server

TypeDefaultValidation
stringhttps://peeringdb.com/api/

blocklist

List of ASNs, prefixes, and IP addresses to block

TypeDefaultValidation
[]string

blocklist-urls

List of URLs to fetch blocklists from

TypeDefaultValidation
[]string

blocklist-files

List of files to fetch blocklists from

TypeDefaultValidation
[]string

origin-communities

List of communities to accept as locally originated routes

TypeDefaultValidation
[]string

local-communities

List of communities to add to locally originated prefixes

TypeDefaultValidation
[]string

add-on-import

List of communities to add to all imported routes

TypeDefaultValidation
[]string

add-on-export

List of communities to add to all exported routes

TypeDefaultValidation
[]string

hostname

Router hostname (default system hostname)

TypeDefaultValidation
string

asn

Autonomous System Number

TypeDefaultValidation
int0required

prefixes

List of prefixes to announce

TypeDefaultValidation
[]string

router-id

Router ID (dotted quad notation)

TypeDefaultValidation
stringrequired

irr-server

Internet routing registry server

TypeDefaultValidation
stringrr.ntt.net

rtr-server

RPKI-to-router server

TypeDefaultValidation
stringrtr.rpki.cloudflare.com:8282

bgpq-args

Additional command line arguments to pass to bgpq4

TypeDefaultValidation
string

keep-filtered

Should filtered routes be kept in memory?

TypeDefaultValidation
boolfalse

merge-paths

Should best and equivalent non-best routes be imported to build ECMP routes?

TypeDefaultValidation
boolfalse

source4

Source IPv4 address

TypeDefaultValidation
string

source6

Source IPv6 address

TypeDefaultValidation
string

default-route

Add a default route

TypeDefaultValidation
booltrue

accept-default

Should default routes be accepted? Setting to false adds 0.0.0.0/0 and ::/0 to the global bogon list.

TypeDefaultValidation
boolfalse

rpki-enable

Enable RPKI protocol

TypeDefaultValidation
booltrue

transit-asns

List of ASNs to consider transit providers for filter-transit-asns (default list in config)

TypeDefaultValidation
[]uint32

bogons4

List of IPv4 bogons (default list in config)

TypeDefaultValidation
[]string

bogons6

List of IPv6 bogons (default list in config)

TypeDefaultValidation
[]string

bogon-asns

List of ASNs to consider bogons (default list in config)

TypeDefaultValidation
[]string

blackhole-bogon-asns

Should routes containing bogon ASNs be blackholed?

TypeDefaultValidation
boolfalse

no-announce

Don't announce any routes to any peer

TypeDefaultValidation
boolfalse

no-accept

Don't accept any routes from any peer

TypeDefaultValidation
boolfalse

stun

Don't accept or announce any routes from any peer (sets no-announce and no-accept)

TypeDefaultValidation
boolfalse

authorized-providers

Map of origin ASN to authorized provider ASN list

TypeDefaultValidation
map[uint32][]uint32

peers

BGP peer configuration

TypeDefaultValidation
map[string]Peer

templates

BGP peer templates

TypeDefaultValidation
map[string]Peer

vrrp

List of VRRP instances

TypeDefaultValidation
map[string]VRRPInstance

bfd

BFD instances

TypeDefaultValidation
map[string]BFDInstance

mrt

MRT instances

TypeDefaultValidation
map[string]MRTInstance

kernel

Kernel routing configuration options

TypeDefaultValidation
Kernel

optimizer

Route optimizer options

TypeDefaultValidation
Optimizer

plugins

Plugin-specific configuration

TypeDefaultValidation
map[string]string

BFDInstance

neighbor

Neighbor IP address

TypeDefaultValidation
string

interface

Interface (pattern accepted)

TypeDefaultValidation
string

interval

RX and TX interval

TypeDefaultValidation
uint200

multiplier

Number of missed packets for the state to be declared down

TypeDefaultValidation
uint10

Kernel

accept4

List of BIRD protocols to import into the IPv4 table

TypeDefaultValidation
[]string

accept6

List of BIRD protocols to import into the IPv6 table

TypeDefaultValidation
[]string

reject4

List of BIRD protocols to not import into the IPv4 table

TypeDefaultValidation
[]string

reject6

List of BIRD protocols to not import into the IPv6 table

TypeDefaultValidation
[]string

statics

List of static routes to include in BIRD

TypeDefaultValidation
map[string]string

srd-communities

List of communities to filter routes exported to kernel (if list is not empty, all other prefixes will not be exported)

TypeDefaultValidation
[]string

learn

Should routes from the kernel be learned into BIRD?

TypeDefaultValidation
boolfalse

export

Export routes to kernel routing table

TypeDefaultValidation
booltrue

reject-connected

Don't export connected routes (RTS_DEVICE) to kernel?'

TypeDefaultValidation
boolfalse

table

Kernel table

TypeDefaultValidation
int

scan-time

Time in seconds between scans of the kernel routing table

TypeDefaultValidation
int10

MRTInstance

file

File to store MRT dumps (supports strftime replacements and %N as table name)

TypeDefaultValidation
string/var/log/bird/%N%F%T.mrt

interval

Number of seconds between dumps

TypeDefaultValidation
uint300

table

Routing table to read from

TypeDefaultValidation
string

Optimizer

targets

List of probe targets

TypeDefaultValidation
[]string

latency-threshold

Maximum allowable latency in milliseconds

TypeDefaultValidation
uint100

packet-loss-threshold

Maximum allowable packet loss (percent)

TypeDefaultValidation
float640.5

modifier

Amount to lower local pref by for depreferred peers

TypeDefaultValidation
uint20

probe-count

Number of pings to send in each run

TypeDefaultValidation
int5

probe-timeout

Number of seconds to wait before considering the ICMP message unanswered

TypeDefaultValidation
int1

probe-interval

Number of seconds wait between each optimizer run

TypeDefaultValidation
int120

cache-size

Number of probe results to store per peer

TypeDefaultValidation
int15

probe-udp

Use UDP probe (else ICMP)

TypeDefaultValidation
boolfalse

alert-script

Script to call on optimizer event

TypeDefaultValidation
string

exit-on-cache-full

Exit optimizer on cache full

TypeDefaultValidation
boolfalse

Peer

template

Configuration template

TypeDefaultValidation
string

description

Peer description

TypeDefaultValidation
string

tags

Peer tags

TypeDefaultValidation
[]string

disabled

Should the sessions be disabled?

TypeDefaultValidation
boolfalse

import

Import routes from this peer

TypeDefaultValidation
booltrue

export

Export routes to this peer

TypeDefaultValidation
booltrue

asn

Local ASN

TypeDefaultValidation
int0required

neighbors

List of neighbor IPs

TypeDefaultValidation
[]stringrequired,ip

prepends

Number of times to prepend local AS on export

TypeDefaultValidation
int0

prepend-path

List of ASNs to prepend

TypeDefaultValidation
[]uint32

clear-path

Remove all ASNs from path (before prepends and prepend-path)

TypeDefaultValidation
boolfalse

local-pref

BGP local preference

TypeDefaultValidation
int100

local-pref4

IPv4 BGP local preference (overrides local-pref, not included in optimizer)

TypeDefaultValidation
int

local-pref6

IPv6 BGP local preference (overrides local-pref, not included in optimizer)

TypeDefaultValidation
int

set-local-pref

Should an explicit local pref be set?

TypeDefaultValidation
booltrue

multihop

Should BGP multihop be enabled? (255 max hops)

TypeDefaultValidation
boolfalse

listen4

IPv4 BGP listen address

TypeDefaultValidation
string

listen6

IPv6 BGP listen address

TypeDefaultValidation
string

local-asn

Local ASN as defined in the global ASN field

TypeDefaultValidation
int

local-port

Local TCP port

TypeDefaultValidation
int179

neighbor-port

Neighbor TCP port

TypeDefaultValidation
int179

passive

Should we listen passively?

TypeDefaultValidation
boolfalse

direct

Specify that the neighbor is directly connected

TypeDefaultValidation
boolfalse

next-hop-self

Should BGP next-hop-self be enabled?

TypeDefaultValidation
boolfalse

next-hop-self-ebgp

Should BGP next-hop-self for eBGP be enabled?

TypeDefaultValidation
boolfalse

next-hop-self-ibgp

Should BGP next-hop-self for iBGP be enabled?

TypeDefaultValidation
boolfalse

bfd

Should BFD be enabled?

TypeDefaultValidation
boolfalse

password

BGP MD5 password

TypeDefaultValidation
string

rs-client

Should this peer be a route server client?

TypeDefaultValidation
boolfalse

rr-client

Should this peer be a route reflector client?

TypeDefaultValidation
boolfalse

remove-private-asns

Should private ASNs be removed from path before exporting?

TypeDefaultValidation
booltrue

mp-unicast-46

Should this peer be configured with multiprotocol IPv4 and IPv6 unicast?

TypeDefaultValidation
boolfalse

allow-local-as

Should routes originated by the local ASN be accepted?

TypeDefaultValidation
boolfalse

add-path-tx

Enable BGP additional paths on export?

TypeDefaultValidation
boolfalse

add-path-rx

Enable BGP additional paths on import?

TypeDefaultValidation
boolfalse

import-next-hop

Rewrite the BGP next hop before importing routes learned from this peer

TypeDefaultValidation
string

export-next-hop

Rewrite the BGP next hop before announcing routes to this peer

TypeDefaultValidation
string

confederation

BGP confederation (RFC 5065)

TypeDefaultValidation
int

confederation-member

Should this peer be a member of the local confederation?

TypeDefaultValidation
boolfalse

ttl-security

RFC 5082 Generalized TTL Security Mechanism

TypeDefaultValidation
boolfalse

interpret-communities

Should well-known BGP communities be interpreted by their intended action?

TypeDefaultValidation
booltrue

default-local-pref

Default value for local preference

TypeDefaultValidation
int

Advertise hostname capability

TypeDefaultValidation
boolfalse

disable-after-error

Disable peer after error

TypeDefaultValidation
boolfalse

prefer-older-routes

Prefer older routes instead of comparing router IDs (RFC 5004)

TypeDefaultValidation
boolfalse

irr-accept-child-prefixes

Accept prefixes up to /24 and /48 from covering parent IRR objects

TypeDefaultValidation
boolfalse

add-on-import

List of communities to add to all imported routes

TypeDefaultValidation
[]string

add-on-export

List of communities to add to all exported routes

TypeDefaultValidation
[]string

announce

Announce all routes matching these communities to the peer

TypeDefaultValidation
[]string

remove-communities

List of communities to remove before from routes announced by this peer

TypeDefaultValidation
[]string

remove-all-communities

Remove all standard and large communities beginning with this value

TypeDefaultValidation
int

as-prefs

Map of ASN to import local pref (not included in optimizer)

TypeDefaultValidation
map[uint32]uint32

community-prefs

Map of community to import local pref (not included in optimizer)

TypeDefaultValidation
map[string]uint32

as-set

Peer's as-set for filtering

TypeDefaultValidation
string

import-limit4

Maximum number of IPv4 prefixes to import after filtering

TypeDefaultValidation
int1000000

import-limit6

Maximum number of IPv6 prefixes to import after filtering

TypeDefaultValidation
int300000

import-limit-violation

What action should be taken when the import limit is tripped?

TypeDefaultValidation
stringdisable

receive-limit4

Maximum number of IPv4 prefixes to accept (including filtered routes, requires keep-filtered)

TypeDefaultValidation
int

receive-limit6

Maximum number of IPv6 prefixes to accept (including filtered routes, requires keep-filtered)

TypeDefaultValidation
int

receive-limit-violation

What action should be taken when the receive limit is tripped?

TypeDefaultValidation
stringdisable

export-limit4

Maximum number of IPv4 prefixes to export

TypeDefaultValidation
int

export-limit6

Maximum number of IPv6 prefixes to export

TypeDefaultValidation
int

export-limit-violation

What action should be taken when the export limit is tripped?

TypeDefaultValidation
stringdisable

enforce-first-as

Should we only accept routes who's first AS is equal to the configured peer address?

TypeDefaultValidation
booltrue

enforce-peer-nexthop

Should we only accept routes with a next hop equal to the configured neighbor address?

TypeDefaultValidation
booltrue

force-peer-nexthop

Rewrite nexthop to peer address

TypeDefaultValidation
boolfalse

allow-blackhole-community

Should this peer be allowed to send routes with the blackhole community?

TypeDefaultValidation
boolfalse

blackhole-in

Should imported routes be blackholed?

TypeDefaultValidation
boolfalse

blackhole-out

Should exported routes be blackholed?

TypeDefaultValidation
boolfalse

filter-irr

Should IRR filtering be applied?

TypeDefaultValidation
boolfalse

filter-rpki

Should RPKI invalids be rejected?

TypeDefaultValidation
booltrue

strict-rpki

Should only RPKI valids be accepted?

TypeDefaultValidation
boolfalse

filter-max-prefix

Should max prefix filtering be applied?

TypeDefaultValidation
booltrue

filter-bogon-routes

Should bogon prefixes be rejected?

TypeDefaultValidation
booltrue

filter-bogon-asns

Should paths containing a bogon ASN be rejected?

TypeDefaultValidation
booltrue

filter-transit-asns

Should paths containing transit-free ASNs be rejected? (Peerlock Lite)'

TypeDefaultValidation
boolfalse

filter-prefix-length

Should too large/small prefixes (IPv4 8 > len > 24 and IPv6 12 > len > 48) be rejected?

TypeDefaultValidation
booltrue

filter-never-via-route-servers

Should routes containing an ASN reported in PeeringDB to never be reachable via route servers be filtered?

TypeDefaultValidation
boolfalse

filter-as-set

Reject routes that aren't originated by an ASN within this peer's AS set

TypeDefaultValidation
boolfalse

filter-aspa

Reject routes that aren't originated by an ASN within the authorized-providers map

TypeDefaultValidation
boolfalse

filter-blocklist

Reject ASNs, prefixes, and IPs in the global blocklist

TypeDefaultValidation
booltrue

transit-lock

Reject routes that aren't transited by an AS in this list

TypeDefaultValidation
[]string

dont-announce

Don't announce these prefixes to the peer

TypeDefaultValidation
[]string

only-announce

Only announce these prefixes to the peer

TypeDefaultValidation
[]string

prefix-communities

Map of prefix to community list to add to the prefix

TypeDefaultValidation
map[string][]string

auto-import-limits

Get import limits automatically from PeeringDB?

TypeDefaultValidation
boolfalse

auto-as-set

Get as-set automatically from PeeringDB? If no as-set exists in PeeringDB, a warning will be shown and the peer ASN used instead.

TypeDefaultValidation
boolfalse

auto-as-set-members

Get AS set members automatically from the peer's IRR as-set? (independent from auto-as-set)

TypeDefaultValidation
boolfalse

honor-graceful-shutdown

Should RFC8326 graceful shutdown be enabled?

TypeDefaultValidation
booltrue

prefixes

Prefixes to accept

TypeDefaultValidation
[]string

as-set-members

AS set members (For filter-as-set)

TypeDefaultValidation
[]uint32

role

RFC 9234 Local BGP role

TypeDefaultValidation
string

require-roles

Require RFC 9234 BGP roles

TypeDefaultValidation
boolfalse

announce-default

Should a default route be exported to this peer?

TypeDefaultValidation
boolfalse

announce-originated

Should locally originated routes be announced to this peer?

TypeDefaultValidation
booltrue

announce-all

Should all routes be exported to this peer?

TypeDefaultValidation
boolfalse

session-global

Configuration to add to each session before any defined BGP protocols

TypeDefaultValidation
string

pre-import-filter

Configuration to add before the filtering section of the import policy

TypeDefaultValidation
string

post-import-filter

Configuration to add after the filtering section of the import filter

TypeDefaultValidation
string

pre-import-accept

Configuration to add immediately before the final accept term import

TypeDefaultValidation
string

pre-export

Configuration to add before the export policy

TypeDefaultValidation
string

pre-export-final

Configuration to add after the export policy before the final accept/reject term

TypeDefaultValidation
string

probe-sources

Optimizer probe source addresses

TypeDefaultValidation
[]string

optimize-inbound

Should the optimizer modify inbound policy?

TypeDefaultValidation
boolfalse

VRRPInstance

state

VRRP instance state ('primary' or 'backup')

TypeDefaultValidation
stringrequired

interface

Interface to send VRRP packets on

TypeDefaultValidation
stringrequired

vrid

RFC3768 VRRP Virtual Router ID (1-255)

TypeDefaultValidation
uintrequired

priority

RFC3768 VRRP Priority

TypeDefaultValidation
uintrequired

vips

List of virtual IPs

TypeDefaultValidation
[]stringrequired,cidr