Hi all I need to multihome a network, connecting it to two upstream providers. Besides that I also need some iBGP sessions inside that network to connect one or two inner routers to the two border routers. The whole project will begin in one or two months and I'm now evaluating possible solutions.
I have setup a small test scenario to test OpenBGPD. There I have two routers in AS 65001 and one router in AS 65002. You can find the configuration of one of the AS 65001 routers below. I wanted to use IPv4 and IPv6. During my first tries I found out that IPv6-functionality is not yet complete in the bgpd shipped with OpenBSD 3.8. Therefore I took bgpd and bgpctl HEAD revisions from CVS and I got my setup working so far and feel quite comfortable with OpenBGPD. I only have a few questions left: In the HEAD revision, the "announce self" does not seem to work anymore (I get a "syntax error" message). Apparently, the default behaviour seems to be "announce all". This makes my two AS 65001 routers announcing the routes which they receive over iBGP to AS 65002. I quickly looked at the source and there seems to be no compensation to "announce self". Is there a possibility to configure bgpd to only announce the prefixes set through a "network" statement to a specific peer without using filters? Further, I'm not sure if there's more needed than just "enforce neighbor-as no" for an iBGP peering. Unfortunatly, the manual page does not tell much about iBGP. Is anything missing with my configuration? In http://www.openbsd.org/39.html it's mentioned that there will be improved IPv6 support for 3.9. Which improvements are planned for 3.9, and what is planned after 3.9? I'm just curious and have not found much in the mailing list archive about this topic :-) With best regards, Thomas. -- my configuration -- # this is the foreign AS peer1="192.168.42.2" peer1_6="fd:8001:5:42:20c:29ff:fe68:3fe9" # this is the second router in my AS bar="192.168.0.253" AS 65001 router-id 192.168.42.254 log updates network 10.144.0.0/16 network 192.168.0.0/24 network 192.168.42.0/24 network fd:8001:ffff:80::/64 network fd:8001:ffff:23::/64 network inet connected network inet6 connected group "peering AS65002" { remote-as 65002 #announce self neighbor $peer1 { descr "AS 65002 v4" announce IPv4 unicast announce IPv6 none tcp md5sig password secret } neighbor $peer1_6 { descr "AS 65002 v6" announce IPv6 unicast announce IPv4 none tcp md5sig password secret local-address fd:8001:5:42:0:0:0:254 } } group "internal peering" { remote-as 65001 enforce neighbor-as no announce all neighbor $bar { descr "bar" announce IPv4 unicast announce IPv6 none } }
