I'm using FRR to announce BGP to my upstream provider and I'm not sure whether I'm missing something or it is the way it is.
The thing is FRR is blocking any announcement defined at "Routing -> BGP -> General -> Network" if there is no route for it on the firewall, but there are only routes for smaller networks e.g. /56-64 on it so If a /40-48 is defined it simply is not announced.
Since upstream providers only accept anything >=/48 this breaks everything.
I can bypass it by setting a /48 null route via "System -> Routes" on OPNsense which makes FRR announce the /48 but it feels like a hack.
No, this is the usual way :)
I'm guessing this is a static WAN setup? Or at least not DHCPv6 mode, because DHCPv6 mode will set the null route for your prefix (because it actually knows it from the ISP).
Cheers,
Franco
Quote from: Voodoo on September 19, 2023, 10:43:10 PM
I can bypass it by setting a /48 null route via "System -> Routes" on OPNsense which makes FRR announce the /48 but it feels like a hack.
From my core Catalyst 6500 back in the days:
ip route 217.29.32.0 255.255.240.0 Null0 250
ipv6 route 2A00:B580::/32 Null0 250
You want a "never goes away" route for the aggregate you announce via BGP ...
Extra bonus: eliminates routing loops.
Alright thank you guys :)
And yes it's a static setup for additional ipv6 prefixes.