Changes in c7f2e7c: Created OpenBGPd (markdown)

				howto/OpenBGPD.md
			
          @@ -0,0 +1,58 @@

          +This guide describes a simple configuration for [OpenBGPD](https://openbgpd.org) running on [OpenBSD](https://openbsd.org).

          +The [portable version](https://openbgpd.org/ftp.html) should run with little to no configuration changes on other operating systems as well.

          +

          +# Setup

          +Only IPv6 is used for the sake of simplicity.

          +Neighbors use ULA addresses (/127 transfer net) assigned from one of the peer's allocation.

          +

          +The goal is to have a small, yet complete setup for all peers with ROA validation and other safety measurements in place.

          +

          +# Configuration

          +[`/etc/bgpd.conf`](https://man.openbsd.org/bgpd.conf.5) contains all information and includes generated pieces such as ROA sets;  see the `ROA` section in this guide.

          +

          +As per the manual, configuration is divided into logical sections;  [`/etc/examples/bgpd.conf`](http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/etc/examples/bgpd.conf?rev=HEAD&content-type=text/plain&only_with_tag=MAIN) is a complete and commented example which this guide is roughly based on.

          +

          +By default, **bgpd** listens on all local addresses (on the current default [`routing domain`](http://man.openbsd.org/rdomain.4)), but this guide explicitly listens on the configured transfer ULA only for each peer to better illustrate of this setup.

          +

          +## local peer

          +Information such as ASN, router ID and allocated networks are required:

          +```

          +# macros

          +ASN="4242421234"

          +

          +# global configuration

          +AS $ASN

          +router-id 1.2.3.4

          +

          +prefix-set mynetworks {

          +        fd00:12:34::/48

          +}

          +```

          +

          +These can be used in subsequent filter rules.

          +The local peer's announcements is then defined as follows:

          +```

          +# Generate routes for the networks our ASN will originate.

          +# The communities (read 'tags') are later used to match on what

          +# is announced to EBGP neighbors

          +network prefix-set mynetworks set large-community $ASN:1:1

          +```

          +

          +## neighbors

          +For each neighbor its ASN and transfer ULA is required.

          +An optional description is provided such that [`bgpctl`](http://man.openbsd.org/bgpctl.8) for example can be used with mnemonic names instead of AS numbers:

          +```

          +$peerA-local="fd00:12:34:A::1"

          +$peerA-remote="fd00:12:34:A::2"

          +$peerA-ASN="4242425678"

          +

          +listen on $peerA-local

          +neighbor  $peerA-remote {

          +    remote-as $peerA-ASN

          +    descr "peerA"

          +}

          +```

          +

          +# ROA

          +

          +# Looking glass

          \ No newline at end of file

...	...	@@ -0,0 +1,58 @@
	1	+This guide describes a simple configuration for [OpenBGPD](https://openbgpd.org) running on [OpenBSD](https://openbsd.org).
	2	+The [portable version](https://openbgpd.org/ftp.html) should run with little to no configuration changes on other operating systems as well.
	3	+
	4	+# Setup
	5	+Only IPv6 is used for the sake of simplicity.
	6	+Neighbors use ULA addresses (/127 transfer net) assigned from one of the peer's allocation.
	7	+
	8	+The goal is to have a small, yet complete setup for all peers with ROA validation and other safety measurements in place.
	9	+
	10	+# Configuration
	11	+[`/etc/bgpd.conf`](https://man.openbsd.org/bgpd.conf.5) contains all information and includes generated pieces such as ROA sets; see the `ROA` section in this guide.
	12	+
	13	+As per the manual, configuration is divided into logical sections; [`/etc/examples/bgpd.conf`](http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/etc/examples/bgpd.conf?rev=HEAD&content-type=text/plain&only_with_tag=MAIN) is a complete and commented example which this guide is roughly based on.
	14	+
	15	+By default, bgpd listens on all local addresses (on the current default [`routing domain`](http://man.openbsd.org/rdomain.4)), but this guide explicitly listens on the configured transfer ULA only for each peer to better illustrate of this setup.
	16	+
	17	+## local peer
	18	+Information such as ASN, router ID and allocated networks are required:
	19	+```
	20	+# macros
	21	+ASN="4242421234"
	22	+
	23	+# global configuration
	24	+AS $ASN
	25	+router-id 1.2.3.4
	26	+
	27	+prefix-set mynetworks {
	28	+ fd00:12:34::/48
	29	+}
	30	+```
	31	+
	32	+These can be used in subsequent filter rules.
	33	+The local peer's announcements is then defined as follows:
	34	+```
	35	+# Generate routes for the networks our ASN will originate.
	36	+# The communities (read 'tags') are later used to match on what
	37	+# is announced to EBGP neighbors
	38	+network prefix-set mynetworks set large-community $ASN:1:1
	39	+```
	40	+
	41	+## neighbors
	42	+For each neighbor its ASN and transfer ULA is required.
	43	+An optional description is provided such that [`bgpctl`](http://man.openbsd.org/bgpctl.8) for example can be used with mnemonic names instead of AS numbers:
	44	+```
	45	+$peerA-local="fd00:12:34:A::1"
	46	+$peerA-remote="fd00:12:34:A::2"
	47	+$peerA-ASN="4242425678"
	48	+
	49	+listen on $peerA-local
	50	+neighbor $peerA-remote {
	51	+ remote-as $peerA-ASN
	52	+ descr "peerA"
	53	+}
	54	+```
	55	+
	56	+# ROA
	57	+
	58	+# Looking glass
...	...	\ No newline at end of file

Created OpenBGPd (markdown) - initial draft