I'm probably missing something silly; here's what I've got so far:
1/ Working VPN, I can ping between the BGP loopbacks on both sides
ping -S 192.168.1.1 10.250.250.250
ping -S 10.250.250.250 192.168.1.1
2/ The BGP sessions come up
3/ "bgpctl sho ri" shows all routes. But none of them have any flags, not even
the *=valid flag.
4/ Setting "nexthop qualify via default" gets the valid & select flags, but
doing a traceroute shows the traffic going out via the default gateway instead of
the VPN
5/ Playing with "fib-priority" in bgpd.conf doesn't seem to achieve much.
bgpd.conf looks like this:
MY_ROUTER_ID_V4="192.168.1.1"
MY_ASN="64550"
AS $MY_ASN
router-id $MY_ROUTER_ID_V4
socket "/var/www/run/bgpd.rsock" restricted
rde med compare always
group my_remote_group {
remote-as 64515
announce none
announce IPv6 none
neighbor 10.250.250.250 {
local-address $MY_ROUTER_ID_V4
descr "REMOTE NUMBER 1"
}
}
deny from any
match from any set origin igp
allow from any prefix {198.51.100.0/24 or-longer,203.0.113.0/24 or-longer}
deny to any
allow to any prefix {192.0.2.0/24 or-longer}
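As an added illustration of the nexthop check behind points 3 and 4 (this is not code from the original post or from OpenBGPD itself), the following Python models how a route's gateway is qualified: the gateway is looked up in the kernel routing table by longest-prefix match, and the nexthop only counts as valid when that match is more specific than the default route, unless "nexthop qualify via default" is set. The RIB text, the routing-table text and the column layout "flags destination gateway" are all constructed for the example.

```python
import ipaddress
import re

# Constructed sample, shaped like a "bgpctl show rib" listing with an empty
# flags column (no "*" valid flag), as described in point 3 of the post.
RIB_SAMPLE = """\
flags destination          gateway
      198.51.100.0/24      10.250.250.250
      203.0.113.0/24       10.250.250.250
"""

# Constructed kernel routing table: a default route and the local LAN only,
# i.e. no specific route to the peer loopback 10.250.250.250 (policy VPN).
FIB_SAMPLE = """\
0.0.0.0/0        203.0.113.254
192.168.1.0/24   link#1
"""

RIB_LINE = re.compile(r"^(?P<flags>[*>IASE]*)\s+(?P<dest>\S+/\d+)\s+(?P<gw>\S+)")


def parse_rib(text):
    """Return (destination, gateway) pairs from the constructed RIB text."""
    routes = []
    for line in text.splitlines():
        m = RIB_LINE.match(line)
        if m and m.group("dest") != "destination":
            routes.append((m.group("dest"), m.group("gw")))
    return routes


def parse_fib(text):
    """Return (network, gateway) pairs from constructed routing-table lines."""
    return [(ipaddress.ip_network(p[0]), p[1])
            for p in (line.split() for line in text.splitlines()) if len(p) >= 2]


def best_route(fib, nexthop):
    """Longest-prefix match of the nexthop against the FIB; None if unrouted."""
    addr = ipaddress.ip_address(nexthop)
    matches = [net for net, _ in fib if addr in net]
    return max(matches, key=lambda n: n.prefixlen) if matches else None


def nexthop_valid(fib, nexthop, qualify_via_default=False):
    """Assumed rule: valid if the best route is not the default route,
    or if qualifying via the default route has been explicitly allowed."""
    net = best_route(fib, nexthop)
    if net is None:
        return False
    return qualify_via_default if net.prefixlen == 0 else True


def rib_flags(rib_text, fib_text, qualify_via_default=False):
    """Map each destination to "*" (valid) or "" as the flags column would show."""
    fib = parse_fib(fib_text)
    return {dest: "*" if nexthop_valid(fib, gw, qualify_via_default) else ""
            for dest, gw in parse_rib(rib_text)}
```

Adding a constructed host route for the peer loopback (e.g. `10.250.250.250/32` via a tunnel interface) to FIB_SAMPLE makes both prefixes valid without relying on the default route, which is the difference between points 3 and 4.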