obmp-docker/gobgp/gobgpd.conf

# GoBGP daemon configuration -- OpenBMP "global Internet table" feed (roadmap E1)
#
# Pulls the full real Internet routing table (IPv4 ~1M + IPv6 ~200k routes)
# from Lukasz Bromirski's lab route server (AS57355) and BMP-exports every
# received route to the OpenBMP collector, where it lands in PostgreSQL ip_rib.
# Peering spec: https://lukasz.bromirski.net/post/bgp-w-labie-3/
#
# Receive-only: we announce NOTHING -- AS57355 explicitly asks peers not to
# send prefixes. Local AS is 65001 (the value the route server expects).
# Per the spec: eBGP multihop, no password, keepalive 3600 / hold-time 7200.
# TOML syntax targets GoBGP v3.x / v4.x.

[global]
  [global.config]
    as = 65001
    router-id = "10.40.40.250"
    # We only originate outbound sessions to the route server; disable the
    # inbound BGP listener (port -1) so the daemon needs no privileged
    # (<1024) bind -- required under docker network_mode: host.
    port = -1

# --- Neighbor: route server, IPv4 feed --------------------------------------
# The IPv4 transport session carries the full IPv4 table only.
[[neighbors]]
  [neighbors.config]
    neighbor-address = "85.232.240.179"
    peer-as = 57355
    description = "AS57355 Bromirski lab route-server (IPv4 feed)"
  [neighbors.timers.config]
    keepalive-interval = 3600
    hold-time = 7200
  [neighbors.ebgp-multihop.config]
    enabled = true
    multihop-ttl = 64
  [neighbors.transport.config]
    # we initiate the session; no local-address pinning
    passive-mode = false
  [[neighbors.afi-safis]]
    [neighbors.afi-safis.config]
      afi-safi-name = "ipv4-unicast"

# --- Neighbor: route server, IPv6 feed --------------------------------------
# The IPv6 transport session carries the full IPv6 table only.
[[neighbors]]
  [neighbors.config]
    neighbor-address = "2001:1a68:2c:2::179"
    peer-as = 57355
    description = "AS57355 Bromirski lab route-server (IPv6 feed)"
  [neighbors.timers.config]
    keepalive-interval = 3600
    hold-time = 7200
  [neighbors.ebgp-multihop.config]
    enabled = true
    multihop-ttl = 64
  [neighbors.transport.config]
    passive-mode = false
  [[neighbors.afi-safis]]
    [neighbors.afi-safis.config]
      afi-safi-name = "ipv6-unicast"

# --- BMP export to the OpenBMP collector ------------------------------------
# GoBGP connects OUT to the collector. GoBGP's BMP config requires a literal
# IP (it cannot resolve a hostname), so we target the docker host IP where the
# collector publishes port 5000 -- stable across container recreation, unlike
# the collector's internal docker IP. Matches HOST_IP in .env.
# route-monitoring-policy = "pre-policy" exports the Adj-RIB-In (received
# routes, pre import-policy) -- consistent with the rest of the OpenBMP fleet.
[[bmp-servers]]
  [bmp-servers.config]
    address = "10.40.40.202"
    port = 5000
    route-monitoring-policy = "pre-policy"
    statistics-timeout = 3600
Add GoBGP full-table feed container (roadmap E1) New gobgp service: GoBGP peers eBGP-multihop with the AS57355 lab route server (Bromirski) for the full real IPv4 + IPv6 Internet table and BMP-exports it to the OpenBMP collector, landing in ip_rib as a monitored peer. Config follows the route server's published peering spec: local AS 65001, no password, keepalive 3600 / hold-time 7200, IPv4 feed on the v4 session and IPv6 feed on the v6 session. gobgp/mrt-refresh.sh is a cron-safe fallback that injects RouteViews MRT RIB dumps when the live session is down. The live BGP session is not started here — bringing gobgp up establishes the external session and loads ~1M routes. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-19 07:39:12 -07:00			`# GoBGP daemon configuration -- OpenBMP "global Internet table" feed (roadmap E1)`
			`#`
			`# Pulls the full real Internet routing table (IPv4 ~1M + IPv6 ~200k routes)`
			`# from Lukasz Bromirski's lab route server (AS57355) and BMP-exports every`
			`# received route to the OpenBMP collector, where it lands in PostgreSQL ip_rib.`
			`# Peering spec: https://lukasz.bromirski.net/post/bgp-w-labie-3/`
			`#`
			`# Receive-only: we announce NOTHING -- AS57355 explicitly asks peers not to`
			`# send prefixes. Local AS is 65001 (the value the route server expects).`
			`# Per the spec: eBGP multihop, no password, keepalive 3600 / hold-time 7200.`
			`# TOML syntax targets GoBGP v3.x / v4.x.`

			`[global]`
			`[global.config]`
			`as = 65001`
			`router-id = "10.40.40.250"`
Enable IPv6 feed: run GoBGP in host network mode The IPv6 eBGP session never established because the Docker bridge has no IPv6. Switch the gobgp container to network_mode: host so it uses the host's real dual-stack connectivity — both sessions to AS57355 now source from the host's public v4/v6 addresses. Host mode binds the host's port namespace, so disable GoBGP's inbound BGP listener (port = -1) — we only originate outbound sessions, and a non-root container cannot bind privileged port 179. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-19 08:08:55 -07:00			`# We only originate outbound sessions to the route server; disable the`
			`# inbound BGP listener (port -1) so the daemon needs no privileged`
			`# (<1024) bind -- required under docker network_mode: host.`
			`port = -1`
Add GoBGP full-table feed container (roadmap E1) New gobgp service: GoBGP peers eBGP-multihop with the AS57355 lab route server (Bromirski) for the full real IPv4 + IPv6 Internet table and BMP-exports it to the OpenBMP collector, landing in ip_rib as a monitored peer. Config follows the route server's published peering spec: local AS 65001, no password, keepalive 3600 / hold-time 7200, IPv4 feed on the v4 session and IPv6 feed on the v6 session. gobgp/mrt-refresh.sh is a cron-safe fallback that injects RouteViews MRT RIB dumps when the live session is down. The live BGP session is not started here — bringing gobgp up establishes the external session and loads ~1M routes. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-19 07:39:12 -07:00
			`# --- Neighbor: route server, IPv4 feed --------------------------------------`
			`# The IPv4 transport session carries the full IPv4 table only.`
			`[[neighbors]]`
			`[neighbors.config]`
			`neighbor-address = "85.232.240.179"`
			`peer-as = 57355`
			`description = "AS57355 Bromirski lab route-server (IPv4 feed)"`
			`[neighbors.timers.config]`
			`keepalive-interval = 3600`
			`hold-time = 7200`
			`[neighbors.ebgp-multihop.config]`
			`enabled = true`
			`multihop-ttl = 64`
			`[neighbors.transport.config]`
			`# we initiate the session; no local-address pinning`
			`passive-mode = false`
			`[[neighbors.afi-safis]]`
			`[neighbors.afi-safis.config]`
			`afi-safi-name = "ipv4-unicast"`

			`# --- Neighbor: route server, IPv6 feed --------------------------------------`
			`# The IPv6 transport session carries the full IPv6 table only.`
			`[[neighbors]]`
			`[neighbors.config]`
			`neighbor-address = "2001:1a68:2c:2::179"`
			`peer-as = 57355`
			`description = "AS57355 Bromirski lab route-server (IPv6 feed)"`
			`[neighbors.timers.config]`
			`keepalive-interval = 3600`
			`hold-time = 7200`
			`[neighbors.ebgp-multihop.config]`
			`enabled = true`
			`multihop-ttl = 64`
			`[neighbors.transport.config]`
			`passive-mode = false`
			`[[neighbors.afi-safis]]`
			`[neighbors.afi-safis.config]`
			`afi-safi-name = "ipv6-unicast"`

			`# --- BMP export to the OpenBMP collector ------------------------------------`
Fix GoBGP BMP target: use host IP, not collector hostname GoBGP's BMP config requires a literal IP — 'obmp-collector' failed to parse and the container crash-looped. Point BMP export at the docker host IP (10.40.40.202) where the collector publishes port 5000; stable across container recreation. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-19 07:51:41 -07:00			`# GoBGP connects OUT to the collector. GoBGP's BMP config requires a literal`
			`# IP (it cannot resolve a hostname), so we target the docker host IP where the`
			`# collector publishes port 5000 -- stable across container recreation, unlike`
			`# the collector's internal docker IP. Matches HOST_IP in .env.`
Add GoBGP full-table feed container (roadmap E1) New gobgp service: GoBGP peers eBGP-multihop with the AS57355 lab route server (Bromirski) for the full real IPv4 + IPv6 Internet table and BMP-exports it to the OpenBMP collector, landing in ip_rib as a monitored peer. Config follows the route server's published peering spec: local AS 65001, no password, keepalive 3600 / hold-time 7200, IPv4 feed on the v4 session and IPv6 feed on the v6 session. gobgp/mrt-refresh.sh is a cron-safe fallback that injects RouteViews MRT RIB dumps when the live session is down. The live BGP session is not started here — bringing gobgp up establishes the external session and loads ~1M routes. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-19 07:39:12 -07:00			`# route-monitoring-policy = "pre-policy" exports the Adj-RIB-In (received`
			`# routes, pre import-policy) -- consistent with the rest of the OpenBMP fleet.`
			`[[bmp-servers]]`
			`[bmp-servers.config]`
Fix GoBGP BMP target: use host IP, not collector hostname GoBGP's BMP config requires a literal IP — 'obmp-collector' failed to parse and the container crash-looped. Point BMP export at the docker host IP (10.40.40.202) where the collector publishes port 5000; stable across container recreation. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-19 07:51:41 -07:00			`address = "10.40.40.202"`
Add GoBGP full-table feed container (roadmap E1) New gobgp service: GoBGP peers eBGP-multihop with the AS57355 lab route server (Bromirski) for the full real IPv4 + IPv6 Internet table and BMP-exports it to the OpenBMP collector, landing in ip_rib as a monitored peer. Config follows the route server's published peering spec: local AS 65001, no password, keepalive 3600 / hold-time 7200, IPv4 feed on the v4 session and IPv6 feed on the v6 session. gobgp/mrt-refresh.sh is a cron-safe fallback that injects RouteViews MRT RIB dumps when the live session is down. The live BGP session is not started here — bringing gobgp up establishes the external session and loads ~1M routes. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-19 07:39:12 -07:00			`port = 5000`
			`route-monitoring-policy = "pre-policy"`
			`statistics-timeout = 3600`