Bird2 BGP Routing Daemon
Install and configure Bird2 on a RamNode VPS for BGP, OSPF, RIP, and BFD — including BYOIP and IPv6 support.
Prerequisites
- A RamNode VPS (any plan works; the $4/month KVM NVMe tier is sufficient for most use cases)
- Root or sudo SSH access
- Basic familiarity with Linux networking
- An ASN and IP block if you plan to run BGP (optional for OSPF/RIP-only setups)
Update Your System
Log in to your VPS and ensure all packages are current before installing Bird2.
apt update && apt upgrade -yInstall Bird2
Bird2 is available in the default repositories for Debian 12 and Ubuntu 22.04.
apt install bird2 -yVerify the installation:
bird --versionYou should see output similar to BIRD version 2.x.x. The service starts automatically — check its status:
systemctl status birdUnderstand the Configuration Structure
Bird2 uses a single configuration file located at /etc/bird/bird.conf. Unlike Bird 1.x, which had separate IPv4 and IPv6 daemons, Bird2 handles both address families in a unified process.
The configuration is organized around three core concepts:
- Protocols — define routing sources and sinks (BGP, OSPF, static routes, kernel routing table, etc.).
- Tables — hold routing information. Bird2 has a built-in
master4table for IPv4 andmaster6for IPv6. - Filters — functions written in Bird's filter language that control which routes are accepted or exported at each protocol boundary.
Write a Basic Configuration
Back up the default configuration, then create your own:
cp /etc/bird/bird.conf /etc/bird/bird.conf.bak
nano /etc/bird/bird.confBelow is a minimal working configuration for a VPS that announces a static route over BGP to an upstream provider. Replace the placeholder values with your own ASN, IP addresses, and prefix.
# /etc/bird/bird.conf
# Router ID - typically your primary VPS IPv4 address
router id 203.0.113.1;
# Log to syslog
log syslog all;
# Kernel protocol - syncs Bird routes into the OS routing table
protocol kernel {
ipv4 {
export all;
};
}
# Device protocol - required to detect interfaces
protocol device {}
# Static route for your IP block
protocol static {
ipv4 {
export all;
};
route 198.51.100.0/24 blackhole;
}
# BGP session with upstream provider
protocol bgp upstream {
local 203.0.113.1 as 65001;
neighbor 203.0.113.254 as 65000;
ipv4 {
import none;
export filter {
if net = 198.51.100.0/24 then accept;
reject;
};
};
}Validate and Apply the Configuration
Bird2 includes a built-in syntax checker. Always validate before reloading:
bird --parse-only -c /etc/bird/bird.confA successful validation produces no output. If there are errors, the parser will print the line number and a description.
Once validation passes, reload Bird2 without restarting the service (no session downtime):
birdc configureOr restart the service entirely if needed:
systemctl restart birdUse the Bird CLI
The birdc command-line client connects to the running Bird2 daemon and lets you inspect state, run diagnostics, and reload configuration interactively.
birdc show protocolsbirdc show routebirdc show protocols all upstreambirdc show route protocol upstreambirdc configureAdd IPv6 Support
Bird2 handles IPv6 natively. Add a parallel set of blocks to your configuration for ipv6:
protocol kernel {
ipv4 { export all; };
ipv6 { export all; };
}
protocol static {
ipv4 { export all; };
route 198.51.100.0/24 blackhole;
ipv6 { export all; };
route 2001:db8::/48 blackhole;
}
protocol bgp upstream6 {
local 2001:db8::1 as 65001;
neighbor 2001:db8::ffff as 65000;
ipv6 {
import none;
export filter {
if net = 2001:db8::/48 then accept;
reject;
};
};
}Configure BFD for Faster Failover (Optional)
BFD (Bidirectional Forwarding Detection) detects link failures in milliseconds, much faster than BGP hold timers alone. Enable it by adding a BFD protocol block and referencing it in your BGP session:
protocol bfd {
interface "*" {
min rx interval 100ms;
min tx interval 100ms;
};
}
protocol bgp upstream {
local 203.0.113.1 as 65001;
neighbor 203.0.113.254 as 65000;
bfd on;
ipv4 {
import none;
export filter {
if net = 198.51.100.0/24 then accept;
reject;
};
};
}Harden Your Setup
A few practices that matter for production Bird2 deployments on any VPS:
Restrict the Bird control socket
By default, birdc is accessible to root only. Verify socket permissions:
ls -la /run/bird/bird.ctlUse prefix filters to prevent route leaks
Never export a full default-free zone to a peer unless you intend to act as a transit provider. Filter aggressively on both import and export.
Set BGP timers conservatively for stability
protocol bgp upstream {
hold time 90;
keepalive time 30;
...
}Enable MD5 authentication if your upstream supports it
protocol bgp upstream {
password "your-shared-secret";
...
}Enable Bird2 on Boot
Bird2 should already be enabled at boot after installation, but confirm:
systemctl enable birdTroubleshooting
Bird fails to start after a config change
Run bird --parse-only -c /etc/bird/bird.conf to locate the syntax error before attempting to restart.
BGP session stays in Active state
Check that the neighbor IP is reachable (ping), that port 179 is not blocked by a firewall, and that the remote AS number matches what your upstream expects.
Routes not appearing in the OS routing table
Ensure the kernel protocol block includes the correct address family with export all or an appropriate filter.
birdc reports "Cannot connect to Bird socket"
The daemon may not be running. Check systemctl status bird and review logs with journalctl -u bird.
Next Steps
With Bird2 running on your RamNode VPS, you can expand your setup to:
- Run a full BGP route reflector for an internal network
- Peer with route servers at an IXP
- Combine Bird2 with WireGuard for an encrypted, routed mesh network
- Use OSPF for multi-VPS dynamic routing across RamNode locations
RamNode's KVM NVMe VPS plans give you full control over the network stack, making them well-suited for routing daemon workloads that require kernel-level IP management and persistent BGP sessions.