From cffb835f3083a8b089eaa49c19792e76084a1493 Mon Sep 17 00:00:00 2001
From: sam
Date: Tue, 19 May 2026 08:08:55 -0700
Subject: [PATCH] Enable IPv6 feed: run GoBGP in host network mode
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The IPv6 eBGP session never established because the Docker bridge has no IPv6. Switch the gobgp container to network_mode: host so it uses the host's real dual-stack connectivity — both sessions to AS57355 now source from the host's public v4/v6 addresses. Host mode binds the host's port namespace, so disable GoBGP's inbound BGP listener (port = -1) — we only originate outbound sessions, and a non-root container cannot bind privileged port 179.
Co-Authored-By: Claude Opus 4.7 (1M context)
---
 docker-compose.yml | 5 +++++
 gobgp/gobgpd.conf | 7 ++++---
 2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/docker-compose.yml b/docker-compose.yml
index eabffc3..ec95bf9 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -427,6 +427,11 @@ services:
 restart: unless-stopped
 container_name: obmp-gobgp
 image: jauderho/gobgp:v4.5.0
+ # Host networking: the daemon uses the host's real IPv4 + IPv6 stack, so
+ # both the v4 and v6 eBGP sessions to AS57355 source from the host's
+ # public addresses (no Docker IPv6/NAT plumbing). BMP still reaches the
+ # collector on 10.40.40.202:5000 (its published port).
+ network_mode: host
 depends_on:
 - collector
 # gobgpd reads /config/gobgpd.conf; the same mount carries mrt-refresh.sh
diff --git a/gobgp/gobgpd.conf b/gobgp/gobgpd.conf
index 2005e92..d5db2d7 100644
--- a/gobgp/gobgpd.conf
+++ b/gobgp/gobgpd.conf
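Review bot: `network_mode: host` (the added line in the obmp-gobgp service of docker-compose.yml) puts every listener gobgpd opens on the host's own interfaces, and this commit closes only the BGP one (`port = -1` in gobgp/gobgpd.conf). gobgpd also serves its gRPC management API, which by default listens on `:50051` on all addresses with no authentication; on the bridge network with no published port that was reachable only from other containers, but in host mode it would be reachable on the host's public v4/v6 addresses unless something outside this hunk restricts it. The service's `command:` is not visible here, so confirm it and, if the API is not already bound to loopback, add `--api-hosts 127.0.0.1:50051` (or firewall the port on the host). It would also help to extend the new comment with a line such as `# Host mode: any port gobgpd listens on is exposed on the host; keep the gRPC API on loopback.` The service definition starts and ends outside the hunk.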
@@ -14,9 +14,10 @@
 [global.config]
 as = 65001
 router-id = "10.40.40.250"
- # Listen for inbound BGP on the standard port. We only originate
- # outbound sessions, but the daemon still needs a listen port.
- port = 179
+ # We only originate outbound sessions to the route server; disable the
+ # inbound BGP listener (port -1) so the daemon needs no privileged
+ # (<1024) bind -- required under docker network_mode: host.
+ port = -1
 # --- Neighbor: route server, IPv4 feed --------------------------------------
 # The IPv4 transport session carries the full IPv4 table only.