The provided BGP sample configuration for Quagga on Cymru’s web site didn’t work for me. Since my AS is IPv6-only, I’m only interested in the IPv6 Bogon feed. Here’s an excerpt from my Quagga bgpd.conf:

    router bgp aut-num
     bgp router-id id
     bgp log-neighbor-changes
     no bgp default ipv4-unicast
     neighbor cymru-bogon peer-group
     neighbor cymru-bogon remote-as 65332
     neighbor cymru-bogon timers 3600 10800
     neighbor cymru-bogon description AS65332 Cymru FullBogon Feed
     neighbor cymru-bogon ebgp-multihop 255
     neighbor cymru-bogon password changeme
     neighbor cymru-bogon activate
     neighbor cymru-bogon prefix-list pl-cymru-ipv4-in in
     neighbor cymru-bogon prefix-list pl-cymru-out out
     neighbor 38.xx.xx.xx peer-group cymru-bogon
     neighbor 193.xx.xx.xx peer-group cymru-bogon
     address-family ipv6
      neighbor cymru-bogon activate
      neighbor cymru-bogon soft-reconfiguration inbound
      neighbor cymru-bogon route-map rm-cymru-ipv6-in in
      neighbor cymru-bogon prefix-list pl-cymru-ipv6-out out
      neighbor 38.xx.xx.xx peer-group cymru-bogon
      neighbor 193.xx.xx.xx peer-group cymru-bogon
     exit-address-family
    ip prefix-list pl-cymru-ipv4-in seq 5 deny any
    ip prefix-list pl-cymru-out seq 5 deny any
    ipv6 prefix-list pl-cymru-ipv6-out seq 5 deny any
    ip community-list 10 permit 65332:888
    route-map rm-cymru-ipv6-in permit 10
     match community 10
     set ip next-hop 192.0.2.1
     set ipv6 next-hop global 100::dead:beef:1

Since Zebra won’t install BGP-learned routes whose next hop is not routable, I also needed to make sure that 100::dead:beef:1 is (null-)routed. My solution was to install a Cisco-style Null0 interface in /etc/network/interfaces:

    # blackhole
    iface Null0 inet manual
        pre-up ip link add dev Null0 type dummy
        pre-up ip link set Null0 up
        up ip -6 route add 100::/64 dev Null0 proto static metric 255
        up ip -4 route add 192.0.2.1/32 dev Null0 proto static metric 255
        down ip link del dev Null0

By the way, that 100::/64 I’m using to null-route is a designated (RFC 6666) IPv6 discard-only address block.
Once the BGP session is up, only IPv6 routes will be learned from Cymru’s bogon feed. I’m using IPv4 transport for the BGP session but it should work using IPv6 transport as well.

    BGP neighbor is 38.xx.xx.xx, remote AS 65332, local AS xxxxx, external link
     Member of peer-group cymru-bogon for session parameters
      BGP version 4, remote router ID 38.xx.xx.xx
      BGP state = Established, up for 18:52:18
      Last read 00:11:49, hold time is 10800, keepalive interval is 3600 seconds
      Configured hold time is 10800, keepalive interval is 3600 seconds
      Neighbor capabilities:
        4 Byte AS: advertised and received
        Route refresh: advertised and received(old & new)
        Address family IPv4 Unicast: advertised and received
        Address family IPv6 Unicast: advertised and received
      Message statistics:
        Inq depth is 0
        Outq depth is 0
                             Sent       Rcvd
        Opens:                  1          1
        Notifications:          0          0
        Updates:                0        118
        Keepalives:            20         19
        Route Refresh:          0          0
        Capability:             0          0
        Total:                 21        138
      Minimum time between advertisement runs is 30 seconds

     For address family: IPv4 Unicast
      cymru-bogon peer-group member
      AF-dependant capabilities:
        Outbound Route Filter (ORF) type (128) Prefix-list:
          Send-mode: received
      Community attribute sent to this neighbor(both)
      Inbound path policy configured
      Outbound path policy configured
      Incoming update prefix filter list is *pl-cymru-ipv4-in
      Outgoing update prefix filter list is *pl-cymru-out
      0 accepted prefixes

     For address family: IPv6 Unicast
      cymru-bogon peer-group member
      Inbound soft reconfiguration allowed
      Community attribute sent to this neighbor(both)
      Inbound path policy configured
      Outbound path policy configured
      Outgoing update prefix filter list is *pl-cymru-ipv6-out
      Route map for incoming advertisements is *rm-cymru-ipv6-in
      60088 accepted prefixes

      Connections established 1; dropped 0
      Last reset never
      External BGP neighbor may be up to 255 hops away.
    Local host: 185.xx.xx.xx, Local port: 59623
    Foreign host: 38.xx.xx.xx, Foreign port: 179
    Nexthop: 185.xx.xx.xx
    Nexthop global: 2001:xxxx:xxxx::
    Nexthop local: fe80::225:xxxx:xxxx:xxxx
    BGP connection: non shared network
    Read thread: on  Write thread: off
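
A bogon filter that silently stops receiving routes protects nothing, so the neighbor output above is worth checking automatically. The following is an added example, not part of the original post: it parses that output and flags a feed peer whose session is down, that leaks IPv4 prefixes, that lacks the inbound IPv6 route-map, or whose IPv6 bogon count is low. The function names and the `min_v6` threshold are assumptions, as is feeding it the text of `vtysh -c "show ip bgp neighbors"`.

```python
import re

# Constructed sample: abridged from the neighbor output shown on this page.
SAMPLE = """\
BGP neighbor is 38.xx.xx.xx, remote AS 65332, local AS xxxxx, external link
  BGP state = Established, up for 18:52:18
 For address family: IPv4 Unicast
  Incoming update prefix filter list is *pl-cymru-ipv4-in
  0 accepted prefixes
 For address family: IPv6 Unicast
  Route map for incoming advertisements is *rm-cymru-ipv6-in
  60088 accepted prefixes
"""

def parse_neighbors(text):
    """Map neighbor address -> remote AS, session state and per-AFI details."""
    peers, cur, afi = {}, None, None
    for line in map(str.strip, text.splitlines()):
        if m := re.match(r"BGP neighbor is (\S+), remote AS (\d+)", line):
            cur = peers[m[1]] = {"remote_as": int(m[2]), "state": None,
                                 "accepted": {}, "rmap_in": {}}
            afi = None
        elif cur is None:
            continue
        elif m := re.match(r"BGP state = (\w+)", line):
            cur["state"] = m[1]
        elif m := re.match(r"For address family: (.+)", line):
            afi = m[1]
        elif afi and (m := re.match(r"(\d+) accepted prefixes", line)):
            cur["accepted"][afi] = int(m[1])
        elif afi and (m := re.match(r"Route map for incoming advertisements is \*?(\S+)", line)):
            cur["rmap_in"][afi] = m[1]
    return peers

def check_feed(peers, feed_as=65332, min_v6=1000):
    """Return a list of problems; min_v6 is an assumed alert threshold."""
    problems = []
    for addr, p in peers.items():
        if p["remote_as"] != feed_as:
            continue  # not a bogon feed peer
        if p["state"] != "Established":
            problems.append(f"{addr}: session is {p['state']}")
        if p["accepted"].get("IPv4 Unicast", 0) != 0:
            problems.append(f"{addr}: IPv4 prefixes accepted despite deny-any filter")
        if "IPv6 Unicast" not in p["rmap_in"]:
            problems.append(f"{addr}: no inbound IPv6 route-map, next hop not rewritten")
        if p["accepted"].get("IPv6 Unicast", 0) < min_v6:
            problems.append(f"{addr}: IPv6 bogon count below {min_v6}")
    return problems

if __name__ == "__main__":
    print(check_feed(parse_neighbors(SAMPLE)) or "bogon feed healthy")
```

An empty list means every peer in AS 65332 is established and delivering only IPv6 bogons through the route-map.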