{{tag>ip bgp networking asn ripe arin subnet anycast}}

====== bgp ip transit info ======

Getting your IPs from RIPE/ARIN etc. takes a lot of time and back and forth. Prepare at least for a month if you need to wait for someone else to transfer the IPs to you.

The obtained subnet can be advertised from your server(s) via [[https://github.com/osrg/gobgp|goBGP]] or similar. There are 2 ways to do it **dynamic** or **static** BGP routing. You need to tell your server provider which one you want.

In dynamic setup you use your own AS# then you would setup BGP, and create a route object with ripe/arin for your ipv4 and ipv6 and specify the origin as your AS#. That would be dynamic routing as you could advertise or remove it from the provider on your own.

If you want it routed under our ASN of the server provider (more statically as they would have to add/remove it manually), they would create the route object for your ipv4 and ipv6 or you can, and specify Origin as ASN# of the provider, and they would simply route the ips to your server directly.

Here's an example after creating route objects in RIPE

{{:wiki:screenshots:2025:12:ripe-route6-object.png?direct&600|}}
{{:wiki:screenshots:2025:12:ripe-route4-object.png?direct&600|}}

You also need to add the ROA objects:

{{:wiki:screenshots:2025:12:ripe-roa-added.png?direct&600|}}
{{:wiki:screenshots:2025:12:ripe-roa-added-list48.png?direct&600|}}


Then you can query it in the database //"Query Database"//, by entering the IPv6 or v4 subnet.

The minimum routing for ipv6 is a /48 for BGP. typically a /64 is assigned to your own customers.
for ipv4 it is a /24 for minimum for BGP routing.

So make sure you have your route objects created for the /24 ipv4 and at least a /48 or larger for the ipv6 block that you want to advertise with your ASN as the registered origin.

Provider will add your ASN to their AS-Set so you can advertise the prefixes under your ASN through the provider. It sometimes will take up to 48hrs for upstreams to see your prefixes and allow it, so the sooner you get those route objects created the better. Example:
https://www.radb.net/query?keywords=as-tzulo

If you only have one location, then you can advertise the whole /32 block. if you have more then 1x location then you can split it to /48s or /40 or /36 etc. so you have large block in each location.
if you do split it smaller then a /32, then you should create that route object as well to match.

===== gobgp software example =====
A working BGP session with [[https://github.com/osrg/gobgp/blob/master/docs/sources/getting-started.md|gobgp software]].

You need to allow inbound port 179 in the firewall for both v4 and v6.

For IPv6 you need to have that set up on the network interface as well:

<code>
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether a0:36:9f:d6:67:c0 brd ff:ff:ff:ff:ff:ff
    inet 198.44.157.3/29 brd 198.44.157.7 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 2607:9000:600:24::2/64 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fe80::a236:9fff:fed6:67c0/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

</code>

//gobgpd.conf//:
<code>
[global.config]
  as = 203619
  router-id = "198.44.157.3"

[[neighbors]]
  [neighbors.config]
    neighbor-address = "198.44.157.1"
    peer-as = 11878

[[neighbors]]
  [neighbors.config]
    neighbor-address = "2607:9000:600:24::1"
    peer-as = 11878

</code>

//router-id// should be the IP address of your interface (eth0)

//as// is your assigned ASN number.

//neighbor-address// is the IP of the peer, provider should give you this info.

//peer-as// is peer ASN, also given by provider.

After starting gobgp you should see the session is established:

<code>
# gobgp neighbor
Peer                   AS     Up/Down State       |#Received  Accepted
198.44.157.1        11878 1d 19:27:31 Establ      |        9         9
2607:9000:600:24::1 11878    00:13:06 Establ      |        1         1
</code>

Check the routing table

<code>
# gobgp global rib -a ipv4
   Network              Next Hop             AS_PATH              Age        Attrs
*  0.0.0.0/0            198.44.157.1         11878 36236          00:06:22   [{Origin: i}]
*  23.234.84.0/24       198.44.157.1         11878                00:06:22   [{Origin: i}]
*  23.234.85.0/24       198.44.157.1         11878                00:06:22   [{Origin: i}]
*  23.234.86.0/24       198.44.157.1         11878                00:06:22   [{Origin: i}]
*  23.234.87.0/24       198.44.157.1         11878                00:06:22   [{Origin: i}]
*  89.124.253.0/24      0.0.0.0                                   00:06:23   [{Origin: ?}]
*  198.44.132.0/24      198.44.157.1         11878                00:06:22   [{Origin: i}]
*  198.44.140.0/24      198.44.157.1         11878                00:06:22   [{Origin: i}]
*  198.44.157.0/24      198.44.157.1         11878                00:06:22   [{Origin: i}]
*  198.54.132.0/24      198.44.157.1         11878                00:06:22   [{Origin: i}]
# gobgp global rib -a ipv6
   Network              Next Hop             AS_PATH              Age        Attrs
*  ::/0                 2607:9000:600:24::1  11878 36236          00:06:27   [{Origin: i}]
*  2a03:c040::/48       ::                                        00:06:24   [{Origin: ?}]

</code>

Now you can assing IPs from the subnet you own to the loopback interface. It should work even though its not on the eth0 interface.

<code>
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 89.124.253.5/32 scope global lo
       valid_lft forever preferred_lft forever
    inet6 2a03:c040::5/128 scope global
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
</code>

<WRAP center round box 60%>
Sometimes you might get an IP address from the private space from the provider like 10.255.0.2 for your side of the BGP session. You need to add it (via ''ip'', ''nmcli'' etc.) to your main interface for it to work e.g.

<code>
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 89.124.253.5/32 scope global lo
       valid_lft forever preferred_lft forever
    inet6 2a03:c040::5/128 scope global
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 5c:b9:01:90:1c:e8 brd ff:ff:ff:ff:ff:ff
    inet 45.128.135.226/32 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet 10.255.0.2/30 scope global eth0
       valid_lft forever preferred_lft forever
...

# gobgp neighbor
Peer            AS  Up/Down State       |#Received  Accepted
10.255.0.1  206804 00:00:55 Establ      |        1         1
fd00:136::1 206804    never Active      |        0         0

</code>

</WRAP>

===== Checking propagation =====
Here's an example of Tzulo server provider which advertises to multiple upstreams
https://bgp.he.net/AS11878#_graph4

https://bgp.tools/as/11878#connectivity

which has multiple arrows pointing to upstreams.

====== Tested on ======
  * gobgp_version: 4.2.0
  * January 2026.

====== See also ======

====== References ======
  * https://null.53bits.co.uk/page/example-gobgp-config
  * https://cs249i.stanford.edu/projects/project_1.pdf
  * https://www.noction.com/blog/bgp-anycast
  * https://render.com/blog/how-to-build-an-anycast-network