bgp in the lab #3

after last blog on sharing full bgp feed for IPv4, I got a number of interesting questions. given many of you were asking to have also IPv6 available, I decided to extend the project to cover that as well.

disclaimer

you’re doing this ON YOUR OWN. i’m not responsible for anything on your end and service itself. so if it crashes your router, makes all traffic to follow different paths, or essentially anything that you can’t control - you’re completely on your own.

i may also discontinue “the service” at any time, so don’t expect this to last forever :)

how to get the full feed for IPv4?

things you need to configure on your end to receive full european IPv4 BGP feed to your router:

  • your ASN - 65001
  • my ASN - 57355
  • eBGP multihop session
  • no password
  • version 4
  • my IP - 85.232.240.179 (bonus points for spotting geeky octet)
  • your IP - whatever public IPv4 you have
  • timers - 3600 for hello and 7200 for hold time (very conservative, yes)

if you already have your own ASN configured (and for some reason can’t change it despite it’s targeted for lab environments), you can use local-as feature to use 65001 towards me, while keeping your own ASN

how to get the full feed for IPv6?

things you need to configure on your end to receive full european IPv6 BGP feed to your router:

  • your ASN - 65001
  • my ASN - 57355
  • eBGP multihop session
  • no password
  • version 4
  • my IP - 2001:1A68:2C:2::179 (again, bonus points… ;) )
  • your IP - whatever public IPv6 you have
  • timers - 3600 for hello and 7200 for hold time (very conservative, yes)

be a good citizen

please don’t send any prefixes my way. I’ll filter them out anyway, but why you want to put additional burden on my end? please don’t :)

example configuration for IOS/IOS-XE

example config for Cisco IOS/IOS-XE on your side:

!
router bgp 65001 ! global proces for ASN 65001, if you already have other ASN
                 ! and can't change it, look below for solution

 neighbor 85.232.240.179 remote-as 57355         ! if you want IPv4 feed
 neighbor 85.232.240.179 ebgp-multihop 255
 neighbor 85.232.240.179 version 4
 neighbor 85.232.240.179 description to-luke-bgp-full-feed-router
 neighbor 85.232.240.179 timers 3600 7200
 neighbor 85.232.240.179 local-as 65001          ! if you can't use ASN 65001, at least
 !                                                 identify towards me as 65001
 neighbor 2001:1A68:2C:2::179 remote-as 57355    ! if you want IPv6 feed
 neighbor 2001:1A68:2C:2::179 ebgp-multihop 255
 neighbor 2001:1A68:2C:2::179 version 4
 neighbor 2001:1A68:2C:2::179 description to-luke-bgp-full-feed-router
 neighbor 2001:1A68:2C:2::179 timers 3600 7200
 neighbor 2001:1A68:2C:2::179 local-as 65001     ! if you can't use ASN 65001, at least
 !                                                 identify towards me as 65001
 !
 address-family ipv4 unicast
  neighbor 85.232.240.179 activate
  neighbor 85.232.240.179 prefix-list DENY-ALL-V4 out
 !
 address-family ipv6 unicast
  neighbor 2001:1A68:2C:2::179 activate
  neighbor 2001:1A68:2C:2::179 prefix-list DENY-ALL-V6 out
 !
!
ip prefix-list DENY-ALL-V4 seq 5 deny 0.0.0.0/0 le 32
!
ipv6 prefix-list DENY-ALL-V6 seq 5 deny ::/0 le 128
!

also, on your end, you can optimize a bit TCP stack config with things like:

ip tcp selective-ack
ip tcp window-size 512000
ip tcp path-mtu-discovery

example configuration for IOS XR

example config for Cisco IOS XR on your side:

!
route-policy DROP
  drop
end-policy
!
route-policy PASS
  pass
end-policy
!
router bgp 65001
 address-family ipv4 unicast
 !
 address-family ipv6 unicast
 !
 neighbor 85.232.240.179
  remote-as 57355
  ebgp-multihop 255
  timers 3600 7200
  description to-luke-bgp-full-feed-router
  local-as 65001 ! if you're already using some other BGP ASN, use this
                 ! command to identify as 65001 towards my route server
  address-family ipv4 unicast
   route-policy PASS in
   route-policy DROP out
  !
 !
 neighbor 2001:1a68:2c:2::179
  remote-as 57355
  ebgp-multihop 255
  timers 3600 7200
  description to-luke-bgp-full-feed-router
  local-as 65001 ! if you're already using some other BGP ASN, use this
                 ! command to identify as 65001 towards my route server
  address-family ipv6 unicast
   route-policy PASS in
   route-policy DROP out
  !
 !
!

summary

how it is different from session I described in previous post? it has public ASN and can feed you with IPv6 data. other than that - there’s no change.

happy BGPing!