diff --git a/docker-compose.yml b/docker-compose.yml
index eabffc3..ec95bf9 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -427,6 +427,11 @@ services:
 restart: unless-stopped
 container_name: obmp-gobgp
 image: jauderho/gobgp:v4.5.0
+ # Host networking: the daemon uses the host's real IPv4 + IPv6 stack, so
+ # both the v4 and v6 eBGP sessions to AS57355 source from the host's
+ # public addresses (no Docker IPv6/NAT plumbing). BMP still reaches the
+ # collector on 10.40.40.202:5000 (its published port).
+ network_mode: host
 depends_on:
 - collector
 # gobgpd reads /config/gobgpd.conf; the same mount carries mrt-refresh.sh
diff --git a/gobgp/gobgpd.conf b/gobgp/gobgpd.conf
index 2005e92..d5db2d7 100644
--- a/gobgp/gobgpd.conf
+++ b/gobgp/gobgpd.conf
@@ -14,9 +14,10 @@ [global.config]
 as = 65001
 router-id = "10.40.40.250"
- # Listen for inbound BGP on the standard port. We only originate
- # outbound sessions, but the daemon still needs a listen port.
- port = 179
+ # We only originate outbound sessions to the route server; disable the
+ # inbound BGP listener (port -1) so the daemon needs no privileged
+ # (<1024) bind -- required under docker network_mode: host.
+ port = -1
 # --- Neighbor: route server, IPv4 feed --------------------------------------
 # The IPv4 transport session carries the full IPv4 table only.
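Review bot: `network_mode: host` puts every socket gobgpd opens directly on the host's interfaces, including the public addresses named in the added comment, and nothing in this hunk limits that. gobgpd's gRPC management API listens on all addresses (`:50051`) by default and is unauthenticated unless TLS is configured, so unless the service's command already restricts it, bind it to loopback with `--api-hosts=127.0.0.1:50051` or filter the port on the host. The service definition continues outside the hunk, so any existing `command:` cannot be checked from here. It would also help to extend the added comment with a line such as `# Host mode removes network isolation: keep gobgpd's API bound to loopback.`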
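Review bot: The new comment justifies `port = -1` only as avoiding a privileged bind, which invites someone to restore 179 later by granting the capability. Under host networking that listener would then be reachable on the host's public addresses. I would add a line such as `# Also keeps TCP/179 closed on the host's public addresses; re-enable only with a host firewall rule limiting it to the route server.` With the listener off, sessions come up only when gobgpd dials out, so a neighbor set to `passive-mode = true` would never establish. The neighbor sections are outside this hunk and should be checked for that.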