Private WAN routers

Warning

Private WAN routers will be deprecated in SD-WAN on August 1, 2025. Please see Migrating to managed mesh for information on migrating an existing deployment using private WAN routers to a managed mesh.

Currently the preferred method to configure dynamic routing on private WAN routers is via bird.

bird implementation

Note

Due to the method of high availability employed by private WAN routers, routes are announced via the kernel instead of being set as static routes in bird. It is recommended to use route filters to choose what to announce to routing peers. Without a route filter, all of the addresses for gateways, port forward rules, and NAT rules where the gateway is not on a VLAN will be announced. Typically, we would want all of those routes announced, but there is also a route for the VPN to the management server that should generally not be announced. That route is 10.250.0.0/16 by default.

Internally, the network range 240.0.0.0/4 is used for communication between private WAN routers and aggregators.

Global

Create a file at /etc/bonding/bird/global.conf with the following generic configurations:

protocol kernel {
    ipv4 {
            import all;
            export all;
    };
    learn;
}

protocol direct {
    ipv4 {
            import all;
    };
    ipv6 {
            import all;
    };
    interface "*-ext";
}

filter ignore_internal {
    if net ~ [10.250.0.0/16{16,32}, 240.0.0.0/4{4,32}] then {
            reject;
    }
    accept;
}

BGP

To configure bird with BGP, create a file at /etc/bonding/bird/bgp.conf with the following configuration:

protocol bgp {
    ipv4 {
            import all;
            export filter ignore_internal;
    };
    local as 65000;
    neighbor 198.51.100.130 as 65001;
}

Set the neighbor IP as appropriate.

Then run pwanbirdc - conf to load the config.

Configuration

To specify any custom configurations for BGP, refer to the bird BGP documentation.

OSPF

To configure bird with OSPF, create a file at /etc/bonding/bird/ospf.conf with the following configuration:

protocol ospf v2 ospf_4 {
    ipv4 {
            import all;
            export filter ignore_internal;
    };
    area 0.0.0.0 {
            interface "ext" {};
    };
}

Then run pwanbirdc - conf to load the config.

Configuration

To specify any custom configurations for OSPF, refer to the bird OSPF documentation.