bgp in the lab #3 | lukasz.bromirski.netbgp in the lab #3<br>07 October 2020 · Łukasz Bromirski | Translations:Pl

Table of Contentsdisclaimer<br>how to get the full feed for IPv4?<br>how to get the full feed for IPv6?<br>be a good citizen<br>example configuration for IOS/IOS-XE<br>example configuration for IOS XR<br>summary

after last blog on sharing full bgp feed for IPv4, I got a number of interesting questions. given many of you were asking to have also IPv6 available, I decided to extend the project to cover that as well.<br>disclaimer#<br>you&rsquo;re doing this ON YOUR OWN . i&rsquo;m not responsible for anything on your end and service itself. so if it crashes your router, makes all traffic to follow different paths, or essentially anything that you can&rsquo;t control - you&rsquo;re completely on your own .<br>i may also discontinue &ldquo;the service&rdquo; at any time, so don&rsquo;t expect this to last forever :)<br>how to get the full feed for IPv4?#<br>things you need to configure on your end to receive full european IPv4 BGP feed to your router:<br>your ASN - 65001<br>my ASN - 57355<br>eBGP multihop session<br>no password<br>version 4<br>my IP - 85.232.240.179 (bonus points for spotting geeky octet)<br>your IP - whatever public IPv4 you have<br>timers - 3600 for hello and 7200 for hold time (very conservative, yes)<br>if you already have your own ASN configured (and for some reason can&rsquo;t change it despite it&rsquo;s targeted for lab environments), you can use local-as feature to use 65001 towards me, while keeping your own ASN

how to get the full feed for IPv6?#<br>things you need to configure on your end to receive full european IPv6 BGP feed to your router:<br>your ASN - 65001<br>my ASN - 57355<br>eBGP multihop session<br>no password<br>version 4<br>my IP - 2001:1A68:2C:2::179 (again, bonus points&mldr; ;) )<br>your IP - whatever public IPv6 you have<br>timers - 3600 for hello and 7200 for hold time (very conservative, yes)<br>be a good citizen#<br>please don&rsquo;t send any prefixes my way. I&rsquo;ll filter them out anyway, but why you want to put additional burden on my end? please don&rsquo;t :)<br>example configuration for IOS/IOS-XE#<br>example config for Cisco IOS/IOS-XE on your side:<br>router bgp 65001 ! global proces for ASN 65001, if you already have other ASN<br>! and can't change it, look below for solution

neighbor 85.232.240.179 remote-as 57355 ! if you want IPv4 feed<br>neighbor 85.232.240.179 ebgp-multihop 255<br>neighbor 85.232.240.179 version 4<br>neighbor 85.232.240.179 description to-luke-bgp-full-feed-router<br>neighbor 85.232.240.179 timers 3600 7200<br>neighbor 85.232.240.179 local-as 65001 ! if you can't use ASN 65001, at least<br>! identify towards me as 65001<br>neighbor 2001:1A68:2C:2::179 remote-as 57355 ! if you want IPv6 feed<br>neighbor 2001:1A68:2C:2::179 ebgp-multihop 255<br>neighbor 2001:1A68:2C:2::179 version 4<br>neighbor 2001:1A68:2C:2::179 description to-luke-bgp-full-feed-router<br>neighbor 2001:1A68:2C:2::179 timers 3600 7200<br>neighbor 2001:1A68:2C:2::179 local-as 65001 ! if you can't use ASN 65001, at least<br>! identify towards me as 65001<br>address-family ipv4 unicast<br>neighbor 85.232.240.179 activate<br>neighbor 85.232.240.179 prefix-list DENY-ALL-V4 out<br>address-family ipv6 unicast<br>neighbor 2001:1A68:2C:2::179 activate<br>neighbor 2001:1A68:2C:2::179 prefix-list DENY-ALL-V6 out<br>ip prefix-list DENY-ALL-V4 seq 5 deny 0.0.0.0/0 le 32<br>ipv6 prefix-list DENY-ALL-V6 seq 5 deny ::/0 le 128

also, on your end, you can optimize a bit TCP stack config with things like:<br>ip tcp selective-ack<br>ip tcp window-size 512000<br>ip tcp path-mtu-discovery

example configuration for IOS XR#<br>example config for Cisco IOS XR on your side:<br>route-policy DROP<br>drop<br>end-policy<br>route-policy PASS<br>pass<br>end-policy<br>router bgp 65001<br>address-family ipv4 unicast<br>address-family ipv6 unicast<br>neighbor 85.232.240.179<br>remote-as 57355<br>ebgp-multihop 255<br>timers 3600 7200<br>description to-luke-bgp-full-feed-router<br>local-as 65001 ! if you're already using some other BGP ASN, use this<br>! command to identify as 65001 towards my route server<br>address-family ipv4 unicast<br>route-policy PASS in<br>route-policy DROP out<br>neighbor 2001:1a68:2c:2::179<br>remote-as 57355<br>ebgp-multihop 255<br>timers 3600 7200<br>description to-luke-bgp-full-feed-router<br>local-as 65001 ! if you're already using some other BGP ASN, use this<br>! command to identify as 65001 towards my route server<br>address-family ipv6 unicast<br>route-policy PASS in<br>route-policy DROP out

summary#<br>how it is different from session I described in previous post? it has public ASN and can feed you with IPv6 data. other than that - there&rsquo;s no change.<br>happy BGPing!