Mikrotik BGP Routing for Google & Limelight Peering

Multi-homed BGP is when your autonomous system peers with multiple internet providers. Peering via BGP with multiple providers allows you to add IP address redundancy, load-balancing inbound/outbound and have greater control of how your addressing is viewed to the internet at large. 
/routing bgp instance
set default as=133xxx disabled=yes
add as=133xxx client-to-client-reflection=no name=INTERNET out-filter=int-out router-id=14.xx.xx.250
add as=133xxx client-to-client-reflection=no name=GOOGLE out-filter=google-out router-id=103.xx.xx.238
add as=133xxx client-to-client-reflection=no name=LIMELIGHT router-id=103.xx.xx.234


/routing bgp network
add network=103.xx.104.0/24 synchronize=no
add network=103.xx.105.0/24 synchronize=no
add network=103.xx.106.0/24 synchronize=no
add network=103.xx.107.0/24 synchronize=no
add network=115.xx.133.0/24 synchronize=no
add network=115.xx.134.0/24 synchronize=no
add network=115.xx.135.0/24 synchronize=no
add network=115.xx.132.0/24 synchronize=no


/routing bgp peer
add in-filter=int-in instance=INTERNET name=INTERNET out-filter=int-out remote-address=14.xx.xx.249 remote-as=47XX ttl=default update-source="00 INTERNET"
add in-filter=dynamic-in instance=GOOGLE name=GOOGLE out-filter=google-out remote-address=103.xx.xx.237 remote-as=55XXX ttl=default
add in-filter=dynamic-in instance=LIMELIGHT name=LIMELIGHT remote-address=103.xx.xx.233 remote-as=55XXX ttl=default update-source="02 LIMELIGHT"


/routing filter
add action=accept chain=google-out prefix=103.xx.104.0/24
add action=accept chain=google-out prefix=103.xx.105.0/24
add action=accept chain=google-out prefix=103.xx.106.0/24
add action=accept chain=google-out prefix=103.xx.107.0/24
add action=accept chain=google-out prefix=115.xx.132.0/24
add action=accept chain=google-out prefix=115.xx.133.0/24
add action=accept chain=google-out prefix=115.xx.134.0/24
add action=accept chain=google-out prefix=115.xx.135.0/24
add action=discard chain=google-out
add action=accept chain=int-out prefix=103.xx.104.0/24 set-bgp-prepend=3
add action=accept chain=int-out prefix=103.xx.105.0/24 set-bgp-prepend=3
add action=accept chain=int-out prefix=103.xx.106.0/24 set-bgp-prepend=3
add action=accept chain=int-out prefix=103.xx.107.0/24 set-bgp-prepend=3
add action=accept chain=int-out prefix=115.xx.132.0/24 set-bgp-prepend=3
add action=accept chain=int-out prefix=115.xx.133.0/24 set-bgp-prepend=3
add action=accept chain=int-out prefix=115.xx.134.0/24 set-bgp-prepend=3
add action=accept chain=int-out prefix=115.xx.135.0/24 set-bgp-prepend=3
add action=discard chain=int-out
add action=accept chain=int-in
at
Labels: , , ,

2 comments:

  1. AnonymousFebruary 28, 2018 at 7:14 PM

    we have tow different upstream and a google peering so how to setup prefix-list for that..

    ReplyDelete
    Replies
    1. AdminSeptember 9, 2018 at 6:27 PM

      you can use default route add action=accept chain=int2-in prefix=0.0.0.0/0
      add action=discard chain=int2-in

      Delete

Subscribe to: Post Comments (Atom)

Mikrotik Malicious Spam IP Blacklist – Firewall Auto Update Script

We have published a malicious ip blacklist for free! Combined dshield and spamhaus malicious blacklists formatted for Mikrotik RouterOS .r...