Hi Mik, 1) what version of OpenBSD / OpenBGPD are you running... 2) if it is >6.4 OpenBSD / OpenBGPD .... then Claudio et all have implemented a new RFC for eBGP (cant remember the number)
TLDR version of the new eBGP RFC is that unfiltered bgp will by default, deny any announcements and only announce what is explicitly allowed by filters added by the administrator of the BGP router... Check out Job@ & Claudio@ *NOG videos on BGPD / OpenBGPD for more details (they are on youtube) I hope this helps Bon Chance :) On Mon, 22 Apr 2019 at 11:17, Mik J <[email protected]> wrote: > > Hello, > > I'm trying to set up openbgpd. > > On site 2, I'm peering with us.bgp-spamd.net and eu.bgp-spamd.net sucessfully. > The problem is that these routes are not in the bgp table on site 3. The BGP > peerings are up. > From site 3 I can ping 192.0.2.2/site 2. I sucessfully receive prefixes > announced on site 2. > I used next hop self on the ibgp session.Does anyone has an idea ? > > log updates > network 192.0.2.2/32network 10.1.1.0/24 > myAS="65001" > site2="192.0.2.2" > site3="192.0.2.3" > spam_rs1="64.142.121.62" # us.bgp-spamd.net > spam_rs2="217.31.80.170" # eu.bgp-spamd.net > spamASN="65066" > > AS $myAS > fib-update no > > group "spam-bgp" { > remote-as $spamASN > multihop 64 > announce none # Do not send any route updates > neighbor $spam_rs1 > neighbor $spam_rs2 > } > > group "internalnet" { > remote-as $myAS > multihop 64 > neighbor $site3 > local-address $site2 > set nexthop self > tcp md5sig password password1234 > } > > -- Kindest regards, Tom Smyth.
