You definitely need an AS number, although if your BGP route provider agrees, you can use a private AS number (kind of like RFC1918 IP addressing, conceptually).
You don't need portable IP address space to get (or use) a BGP feed - again, subject to negotiation with your BGP provider(s). I'm using OpenBGPD under 2.0B4 and it works OK (except for a nasty bug concerning 1:1 NAT entries [#958]). I'm not pulling in a full route set, though, only about 13k routes. IPv4 portable address space is already extremely difficult to obtain - an ISP I do work for has to justify 80% usage of every additional class-C block they obtain, and they're only being given /24s and /23s now. (I think they're going to renumber a large chunk of addresses, though, and exchange a bunch of /23s and /22s for a /21.) It's not all that expensive to obtain IP addresses from ARIN, the problem is you likely don't meet their minimum thresholds. Quoting from https://www.arin.net/policy/nrpm.html, 4.1.1. Routability Provider independent (portable) addresses issued directly from ARIN or other Regional Registries are not guaranteed to be globally routable. Therefore, ISPs should consider the following order of priority when requesting IP address space: - Request IP address space from upstream provider - Request IP address space from provider's provider - Request IP address space from ARIN (not guaranteed to be globally routable) According to section 4.2.1.5 "Minimum Allocation", ARIN will issue /20s or larger to end-users, and /22s and larger to multi-homed ISPs. And keep in mind that many large transit providers filter all announcements smaller than a defined threshold (I'm told that's up to /20 now in some cases). You generally receive BGP feeds from your directly connected neighbours; typically this means both your ISPs must agree to talk BGP with you, they must both agree to advertise your address space, and they must both agree on your AS number. (Same considerations apply for n>2, just exponentially more difficult unless you're a large ISP yourself.) It's perfectly feasible to run iBGP (i=internal) which is the same protocol but just not talking to anyone on the outside. This lets you set up multiple routers internally and experiment with BGP to your heart's content. It's also sometimes possible to find a friendly ISP and import a BGP feed from them and not talk BGP to your neighbours at all. Most BGP partners will happily apply filters that discard all advertisements from you, which means you won't screw up anyone except yourself. And, AFAIK, most BGP routers have sane filters that block advertisements of (for example) 0.0.0.0/0, 127.0.0.0/8, 192.168.0.0/16, etc. so while it's always possible for BGP mistakes to affect many non-related users, it's fairly rare; I can only remember one internet-wide mistake in the last year or two. I run a unusual case myself: I have two small public IP allocations, a /29 from my public ISP (TeraGo) and a /32 from my regional R&D/Edu network (MRNET). I don't have any portable address space at all, and neither set of addresses is advertised to the opposite link; BGP only really helps me for outbound connections. I only talk BGP to MRNET (that's the 13k routes, basically CA*Net, NSFNet, ESNet, I2, et al.), and I use a default route to TeraGo. If you live in an area with multiple large ISPs, you'll have much better luck finding someone who knows what BGP is. Ditto if you have business-grade service with an actual Account Manager assigned to you. Smaller, regional ISPs often refuse to provide BGP peering for non-technical reasons. (And good luck finding a Cable operator anywhere who's willing to even *think* about the possibility of a multi-homed customer...) -Adam Thompson athom...@athompso.net > -----Original Message----- > From: Eugen Leitl [mailto:eu...@leitl.org] > Sent: Thursday, November 11, 2010 07:07 > To: discussion@pfsense.com > Subject: [pfSense-discussion] how to receive BGP routes > > > I should now have enough resources (4 GByte RAM) to start > fiddling around with the whole BGP table. As I have very > little netop clue, from where can one receive a full > feed? I do not have PI space nor an AS number, > obviously. I hope to be able to obtain enough clue > and finances eventually to get PI space (probably > IPv6, as IPv4 PI should be getting terribly scarce > rather soon). > > I see there's a OpenBGPD package in 2.0-BETA4 list, > as well as OpenOSPFD (the latter is only used within > an AS, apparently). Is it possible to set up to receive > a full routing table without having one's own AS? > > How would one go about to make sure one's modifications > do not get published by mistake? I'd rather try to avoid > screwing up somebody's routes by a rookie mistake, for > obvious reasons. This is just a lab. > > Thanks! > > -- > Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org > ______________________________________________________________ > ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org > 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE > > ------------------------------------------------------------------- > -- > To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com > For additional commands, e-mail: discussion-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com For additional commands, e-mail: discussion-h...@pfsense.com Commercial support available - https://portal.pfsense.org