BGP FRR can't announce /48 without hack ?

Started by Voodoo, September 19, 2023, 10:43:10 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 19, 2023, 10:43:10 PM
I'm using FRR to announce BGP to my upstream provider and I'm not sure whether I'm missing something or it is the way it is.

The thing is FRR is blocking any announcement defined at "Routing -> BGP -> General -> Network" if there is no route for it on the firewall, but there are only routes for smaller networks e.g. /56-64 on it so If a /40-48 is defined it simply is not announced.

Since upstream providers only accept anything >=/48 this breaks everything.

I can bypass it by setting a /48 null route via "System -> Routes" on OPNsense which makes FRR announce the /48 but it feels like a hack.
September 20, 2023, 05:59:11 AM #1
No, this is the usual way :)
September 20, 2023, 11:44:32 AM #2
I'm guessing this is a static WAN setup? Or at least not DHCPv6 mode, because DHCPv6 mode will set the null route for your prefix (because it actually knows it from the ISP).


Cheers,
Franco
September 20, 2023, 11:54:16 AM #3
Quote from: Voodoo on September 19, 2023, 10:43:10 PM
I can bypass it by setting a /48 null route via "System -> Routes" on OPNsense which makes FRR announce the /48 but it feels like a hack.

From my core Catalyst 6500 back in the days:
Code Select
ip route 217.29.32.0 255.255.240.0 Null0 250
ipv6 route 2A00:B580::/32 Null0 250


You want a "never goes away" route for the aggregate you announce via BGP ...

Extra bonus: eliminates routing loops.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
September 20, 2023, 02:53:45 PM #4
Alright thank you guys  :)

And yes it's a static setup for additional ipv6 prefixes.
Print
Go Up Pages1
User actions