Differences

This shows you the differences between two versions of the page.

--- wiki:bgp_ip_transit_info [2025/12/16 15:04] – created antisa
+++ wiki:bgp_ip_transit_info [2026/01/21 12:54] (current) – add Checking propagation antisa
@@ Line 10: / Line 10: @@
 If you want it routed under our ASN of the server provider (more statically as they would have to add/remove it manually), they would create the route object for your ipv4 and ipv6 or you can, and specify Origin as ASN# of the provider, and they would simply route the ips to your server directly.
+Here's an example after creating route objects in RIPE
+{{:wiki:screenshots:2025:12:ripe-route6-object.png?direct&600|}}
+{{:wiki:screenshots:2025:12:ripe-route4-object.png?direct&600|}}
+You also need to add the ROA objects:
+{{:wiki:screenshots:2025:12:ripe-roa-added.png?direct&600|}}
+{{:wiki:screenshots:2025:12:ripe-roa-added-list48.png?direct&600|}}
+Then you can query it in the database //"Query Database"//, by entering the IPv6 or v4 subnet.
+The minimum routing for ipv6 is a /48 for BGP. typically a /64 is assigned to your own customers.
+for ipv4 it is a /24 for minimum for BGP routing.
+So make sure you have your route objects created for the /24 ipv4 and at least a /48 or larger for the ipv6 block that you want to advertise with your ASN as the registered origin.
+Provider will add your ASN to their AS-Set so you can advertise the prefixes under your ASN through the provider. It sometimes will take up to 48hrs for upstreams to see your prefixes and allow it, so the sooner you get those route objects created the better. Example:
+https://www.radb.net/query?keywords=as-tzulo
+If you only have one location, then you can advertise the whole /32 block. if you have more then 1x location then you can split it to /48s or /40 or /36 etc. so you have large block in each location.
+if you do split it smaller then a /32, then you should create that route object as well to match.
+===== gobgp software example =====
+A working BGP session with [[https://github.com/osrg/gobgp/blob/master/docs/sources/getting-started.md|gobgp software]].
+You need to allow inbound port 179 in the firewall for both v4 and v6.
+For IPv6 you need to have that set up on the network interface as well:
+<code>
+: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
+    link/ether a0:36:9f:d6:67:c0 brd ff:ff:ff:ff:ff:ff
+    inet 198.44.157.3/29 brd 198.44.157.7 scope global noprefixroute eth0
+       valid_lft forever preferred_lft forever
+    inet6 2607:9000:600:24::2/64 scope global noprefixroute
+       valid_lft forever preferred_lft forever
+    inet6 fe80::a236:9fff:fed6:67c0/64 scope link noprefixroute
+       valid_lft forever preferred_lft forever
+</code>
+//gobgpd.conf//:
+<code>
+[global.config]
+  as = 203619
+  router-id = "198.44.157.3"
+[[neighbors]]
+  [neighbors.config]
+    neighbor-address = "198.44.157.1"
+    peer-as = 11878
+[[neighbors]]
+  [neighbors.config]
+    neighbor-address = "2607:9000:600:24::1"
+    peer-as = 11878
+</code>
+//router-id// should be the IP address of your interface (eth0)
+//as// is your assigned ASN number.
+//neighbor-address// is the IP of the peer, provider should give you this info.
+//peer-as// is peer ASN, also given by provider.
+After starting gobgp you should see the session is established:
+<code>
+# gobgp neighbor
+Peer                   AS     Up/Down State       |#Received  Accepted
+.44.157.1        11878 1d 19:27:31 Establ      |        9         9
+:9000:600:24::1 11878    00:13:06 Establ      |        1         1
+</code>
+Check the routing table
+<code>
+# gobgp global rib -a ipv4
+   Network              Next Hop             AS_PATH              Age        Attrs
+*  0.0.0.0/0            198.44.157.1         11878 36236          00:06:22   [{Origin: i}]
+*  23.234.84.0/24       198.44.157.1         11878                00:06:22   [{Origin: i}]
+*  23.234.85.0/24       198.44.157.1         11878                00:06:22   [{Origin: i}]
+*  23.234.86.0/24       198.44.157.1         11878                00:06:22   [{Origin: i}]
+*  23.234.87.0/24       198.44.157.1         11878                00:06:22   [{Origin: i}]
+*  89.124.253.0/24      0.0.0.0                                   00:06:23   [{Origin: ?}]
+*  198.44.132.0/24      198.44.157.1         11878                00:06:22   [{Origin: i}]
+*  198.44.140.0/24      198.44.157.1         11878                00:06:22   [{Origin: i}]
+*  198.44.157.0/24      198.44.157.1         11878                00:06:22   [{Origin: i}]
+*  198.54.132.0/24      198.44.157.1         11878                00:06:22   [{Origin: i}]
+# gobgp global rib -a ipv6
+   Network              Next Hop             AS_PATH              Age        Attrs
+*  ::/0                 2607:9000:600:24::1  11878 36236          00:06:27   [{Origin: i}]
+*  2a03:c040::/48       ::                                        00:06:24   [{Origin: ?}]
+</code>
+Now you can assing IPs from the subnet you own to the loopback interface. It should work even though its not on the eth0 interface.
+<code>
+: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
+    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+    inet 127.0.0.1/8 scope host lo
+       valid_lft forever preferred_lft forever
+    inet 89.124.253.5/32 scope global lo
+       valid_lft forever preferred_lft forever
+    inet6 2a03:c040::5/128 scope global
+       valid_lft forever preferred_lft forever
+    inet6 ::1/128 scope host
+       valid_lft forever preferred_lft forever
+</code>
+<WRAP center round box 60%>
+Sometimes you might get an IP address from the private space from the provider like 10.255.0.2 for your side of the BGP session. You need to add it (via ''ip'', ''nmcli'' etc.) to your main interface for it to work e.g.
+<code>
+: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
+    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+    inet 127.0.0.1/8 scope host lo
+       valid_lft forever preferred_lft forever
+    inet 89.124.253.5/32 scope global lo
+       valid_lft forever preferred_lft forever
+    inet6 2a03:c040::5/128 scope global
+       valid_lft forever preferred_lft forever
+    inet6 ::1/128 scope host
+       valid_lft forever preferred_lft forever
+: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
+    link/ether 5c:b9:01:90:1c:e8 brd ff:ff:ff:ff:ff:ff
+    inet 45.128.135.226/32 scope global noprefixroute eth0
+       valid_lft forever preferred_lft forever
+    inet 10.255.0.2/30 scope global eth0
+       valid_lft forever preferred_lft forever
+...
+# gobgp neighbor
+Peer            AS  Up/Down State       |#Received  Accepted
+.255.0.1  206804 00:00:55 Establ      |        1         1
+fd00:136::1 206804    never Active      |        0         0
+</code>
+</WRAP>
+===== Checking propagation =====
+Here's an example of Tzulo server provider which advertises to multiple upstreams
+https://bgp.he.net/AS11878#_graph4
+https://bgp.tools/as/11878#connectivity
+which has multiple arrows pointing to upstreams.
 ====== Tested on ======
-  *
+  * gobgp_version: 4.2.0
+  * January 2026.
 ====== See also ======
 ====== References ======
+  * https://null.53bits.co.uk/page/example-gobgp-config
+  * https://cs249i.stanford.edu/projects/project_1.pdf
+  * https://www.noction.com/blog/bgp-anycast
+  * https://render.com/blog/how-to-build-an-anycast-network