RouterOS + OSPF 分离 求助帖, ROS 可以学习到路由,但是没有网络。

Debug1998 2026-06-30 20:15 1

以下是我的配置:


bird2


[root@Kwrt:07:21 PM ~] # cat /etc/bird.conf
log syslog all;
router id 192.168.9.254;


protocol device {
scan time 10;
}


protocol kernel {
ipv4 {
import all;
export all;
};
}


protocol direct {
interface "br-lan";
}


protocol static foreign {
ipv4;
include "/root/foreign.conf";
}


protocol ospf v2 ospf1 {
ipv4 {
import all;
export where source = RTS_STATIC && net != 0.0.0.0/0;
};
area 0.0.0.0 {
interface "br-lan" {
type ptp;
hello 10;
dead 40;
};
};
}


ROS 学习到的 address:



AI 说因为学习到了 0.0.0.0 导致的。
[root@Kwrt:08:05 PM ~] # birdc show route | grep 0.0.0.0
150.0.0.0/16 unreachable [foreign 19:11:31.576] * (200)
60.0.0.0/13 unreachable [foreign 19:11:31.576] * (200)
120.0.0.0/12 unreachable [foreign 19:11:31.576] * (200)


路由表生成配置


cat > /root/generate_foreign.sh << 'EOF'
#!/bin/bash


生成国外路由表( BIRD static 格式) - 纯 Shell 版


CHINA_URL="https://raw.githubusercontent.com/mayaxcn/china-ip-list/master/chnroute.txt"
FOREIGN_FILE="/root/foreign.conf"
TMP_CHINA="/tmp/china.tmp"


echo "=== 下载最新国内 IP 列表 ==="
curl -s -L -o "$TMP_CHINA" "$CHINA_URL"
if [ $? -ne 0 ] || [ ! -s "$TMP_CHINA" ]; then
echo "下载失败!"
exit 1
fi


echo "=== 生成国外路由表(取反)==="
cat > "$FOREIGN_FILE" << HEADER


Foreign (non-China) routes generated at $(date -R)


protocol static foreign {
HEADER


awk '!/^#/ && NF>0 { print " route " $1 " reject;" }' "$TMP_CHINA" >> "$FOREIGN_FILE"


echo "}" >> "$FOREIGN_FILE"


echo "生成完成!国外路由文件: $FOREIGN_FILE"
echo "路由条目数量: $(wc -l < "$FOREIGN_FILE")"
rm -f "$TMP_CHINA"
EOF


[root@Kwrt:04:37 PM ~] # head -20 /root/foreign.conf


Foreign (non-China) routes generated at Tue, 30 Jun 2026 16:37:29 +0800


protocol static foreign {
route 1.0.1.0/24 reject;
route 1.0.2.0/23 reject;
route 1.0.8.0/21 reject;
route 1.0.32.0/19 reject;
route 1.1.0.0/24 reject;
route 1.1.2.0/23 reject;
route 1.1.4.0/22 reject;
route 1.1.8.0/24 reject;
route 1.1.9.0/24 reject;
route 1.1.10.0/23 reject;
route 1.1.12.0/22 reject;
route 1.1.16.0/20 reject;
route 1.1.32.0/19 reject;
route 1.2.0.0/23 reject;
route 1.2.2.0/24 reject;
route 1.2.4.0/24 reject;
route 1.2.5.0/24 reject;
route 1.2.6.0/23 reject;

最新回复 (3)
  • jciba5n4y6u 07-01 10:38
    1
    我懒的折腾分流了,现在是直接在电脑上 tun 全局更省心。

    蹲 op 主的进展,看看后续能不能抄作业。
  • LaoLeyuan 07-01 14:53
    2
    我也折腾过分流,但是一旦网络出问题,很难确定是自己的分流策略出了问题还是🪜节点出了问题,弄来弄去发现只是折腾自己,现在已经退烧了。
  • Debug1998 楼主 07-01 14:58
    3
    @LaoLeyuan 感觉精力没榨干,这几天。
* 帖子来源V2EX
返回