Well it didn't work that's why I asked the question.
>From what I'm used to do with BGP it's not a redistribution it's the same BGP
>table.
Regards
Le lundi 22 avril 2019 à 20:24:49 UTC+2, Denis Fondras
<[email protected]> a écrit :
> I don't understand how to use "allow from group"
>
Sorry, I responded too fast. You already receive the prefixes from $spamASN and
you want to redistribute them.
There is no filtering in the (old) versions you use IIRC.
> Yes I use 6.0, 6.1 and 5.8 on these machines. I'm waiting for 6.5 to be
> released and try to migrate them all.
>
> I'm used to configure Cisco devices and there's no filtering. Routes received
> by an eBGP session are reannounced to iBGP peers and next hop self should be
> used in that case.
> If that option is not used, the routes are installed in the BGP table but
> since the next hop is unreachable, they are not installed in the routing
> table.
>
> I expected my iBGP peers (site 3...) to receive the routes (spam) coming from
> the eBGP peer on site 2.
>
> It seemed to me that group was like a peer-group.
> Le lundi 22 avril 2019 à 18:32:26 UTC+2, Tom Smyth
><[email protected]> a écrit :
>
> Hi Mik,
>
> 1) what version of OpenBSD / OpenBGPD are you running...
> 2) if it is >6.4 OpenBSD / OpenBGPD .... then Claudio et all have
> implemented a new RFC for eBGP (cant remember the number)
>
> TLDR version of the new eBGP RFC is that unfiltered bgp will by
> default, deny any announcements and only announce what is explicitly
> allowed by filters added by the administrator of the BGP router...
>
> Check out Job@ & Claudio@
> *NOG videos on BGPD / OpenBGPD for more details
> (they are on youtube)
>
> I hope this helps
>
> Bon Chance :)
>
>
>
> On Mon, 22 Apr 2019 at 11:17, Mik J <[email protected]> wrote:
> >
> > Hello,
> >
> > I'm trying to set up openbgpd.
> >
> > On site 2, I'm peering with us.bgp-spamd.net and eu.bgp-spamd.net
> > sucessfully.
> > The problem is that these routes are not in the bgp table on site 3. The
> > BGP peerings are up.
> > From site 3 I can ping 192.0.2.2/site 2. I sucessfully receive prefixes
> > announced on site 2.
> > I used next hop self on the ibgp session.Does anyone has an idea ?
> >
> > log updates
> > network 192.0.2.2/32network 10.1.1.0/24
> > myAS="65001"
> > site2="192.0.2.2"
> > site3="192.0.2.3"
> > spam_rs1="64.142.121.62" # us.bgp-spamd.net
> > spam_rs2="217.31.80.170" # eu.bgp-spamd.net
> > spamASN="65066"
> >
> > AS $myAS
> > fib-update no
> >
> > group "spam-bgp" {
> > remote-as $spamASN
> > multihop 64
> > announce none # Do not send any route updates
> > neighbor $spam_rs1
> > neighbor $spam_rs2
> > }
> >
> > group "internalnet" {
> > remote-as $myAS
> > multihop 64
> > neighbor $site3
> > local-address $site2
> > set nexthop self
> > tcp md5sig password password1234
> > }
> >
> >
>
>
> --
> Kindest regards,
> Tom Smyth.
>
>
