Announce my brand new IP range

This page has moved to Introducing AS205126 part 2: Announce my IP range blog post.

Setup your first router

To setup your first router, you might need to find someone that gives upstream. It can be Vultr, Virtua.cloud, even LagrangeCloud.

In my case I went to Lagrange but I had some issues with the prefix announcement. They see my prefix, but it does not export it for some unknown reason.

After they applied the RPKI signing on my prefix, it was finally accepted.

So to announce my prefix, as I live in France, I went for Virtua.cloud. It is a french VPS provider that offers BGP session with upstream. The pros with this provider is that with them I only have 2 BGP hop for Telia and HE.net, 3 BGP hop for the ¾ of French residential ISPs and I am listed to FranceIX route server.
Even with a non peered residential ISP I manage to only have ~5ms RTT. Also a big pro, is that I have unlimited bandwidth.


Sadly there is always a con somewhere, I don’t have a Gbit NIC and only have 100Mbps (even if sometimes I have 300Mbps on my speedtest using a tunnel to my router)

The speedtest

This is the entire page in two screenshots, but I maked the IP. But the 5ms with my AS to the cloudflare server is really really good. With my home ISP I only have 4ms to CF servers.


The announcement itself

After all the wow effect, you need to announce your prefix, and here I met Pathvector.

Pathvector is a BGP helper to help you configure your BGP session. It is compatible with the BIRD BGP daemon.

I will assume your OS is a Debian based system.

Step 1: Update all the packages on the VPS

To update all the packages, execute:

sudo apt update && sudo apt upgrade -y

If needed, you can upgrade your distribution.

Step 2: Install BIRD and Pathvector

In this step I encountered an issue with the pathvector repository, where I had an GPG key error.

You can find the package file on the project repository: natesales/pathvector.

sudo apt install bird2 -y
wget https://github.com/natesales/pathvector/releases/download/v6.3.2/pathvector-6.3.2-linux-amd64.deb
sudo dpkg -i pathvector-6.3.2-linux-amd64.deb
sudo systemctl enable --now bird

Step 3: Configure pathvector

In the file /etc/pathvector.yml, you can use the following config:

asn: <your ASN without the AS>
router-id: <your VPS IPv4 address>
source6: <your VPS IPv6 address>
bgpq-args: -S AFRINIC,APNIC,ARIN,LACNIC,RIPE
irr-server: rr.ntt.net
irr-query-timeout: 300
rtr-server: rtr.rpki.cloudflare.com:8282

kernel:
  learn: true # in case of hardcoded route in your kernel to your upstream
  export: true # to have BGP routes in your router's kernel

prefixes:
  - <your prefix given by your LIR>

templates:
  upstream:
    multihop: true # useful if your provider tells you that there will be multihop between you and their routers
    allow-local-as: false
    announce: [ "<your ASN without the AS>:0:15" ]
    remove-all-communities: <your ASN without the AS>
    local-pref: 80
    add-on-import: [ "<your ASN without the AS>:0:12" ]
    import-limit6: 300000
    enforce-peer-nexthop: false # As the nexthop is not the neighbors' ips
    #filter-irr: true # Uncomment to reject invalid IRR prefixes, many provider does not enabled it

peers:
  YourUpstreamName:
    asn: <your upstream asn without AS prefix>
    template: upstream
    password: <if they gave you a session password, otherwise remove that line>
    neighbors:
      - <neighbor's ip>

This file is a minimal configuration of pathvector with RPKI check.

You can also see the announce and add-on-import instruction, those two lines are optional, but can be useful in case of you have downstream (you provide internet to your peer), and we call that BGP communities.

For your information, I have not experienced BGP communities yet.

Step 4: Announce to the upstream !

To announce to the upstream, you have to generate the pathvector configuration, using the pathvector generate command.

It will configure BIRD for you.

Note: I had an issue here where my sessions were stuck in Start state.
There were some issues:

  1. I forgot to create a route in the kernel as requested by my provider.

  2. When multihop enabled, pathvector will set the multihop to 255, my provider ask for 5 hops max.

  3. Bird was rejecting route because of the route IP was not equals to the neighbor’s IP. That case is normal for my provider.

Step 5: Set an IP to your router

I created a systemd service to create my IP interface and the missing route described above, by creating a file in /etc/systemd/system/dummy-interface.service 

[Unit]
Description=Setup dummy for LeoTelecom
Wants=network-online.target
After=network-online.target
Before=bird.service

[Service]
Type=oneshot
ExecStartPre=/usr/bin/ip link add dummy1 type dummy
ExecStartPre=/usr/bin/ip link set dev dummy1 up
ExecStartPre=/usr/bin/ip -6 addr add dev dummy1 YOUR_IP_RANGE::1/48
#ExecStartPre=/usr/bin/ip -6 route add local YOUR_IP_RANGE::/48 dev lo # Uncomment this line if you want your router to ping all the IPs
ExecStartPre=/usr/bin/ip -6 route add YOUR_PROVIDER_ROUTER:1/128 via fe80::1 dev eth0
ExecStartPre=/usr/bin/ip -6 route add YOUR_PROVIDER_ROUTER:2/128 via fe80::1 dev eth0
ExecStartPre=/usr/bin/ip -6 route add YOUR_PROVIDER_ROUTE::/48 via fe80::1 dev eth0
ExecStart=/usr/bin/ip link set dummy1 up
ExecStopPost=/usr/bin/ip link set dummy1 down
ExecStopPost=/usr/bin/ip link del dev dummy1
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

To enable the interface on machine boot, execute:

sudo systemctl daemon-reload
sudo systemctl enable --now  dummy-interface

What now?

Now you see the routes from your provider in your kernel route table: ip -6 r

The command pathvector status can give you useful insight:

# pathvector status
PEER         AS     NEIGHBOR          STATE  IN      OUT     SINCE                INFO
static6      -      -                 up     1       0       2025-08-26 14:33:55
default4     -      -                 up     1       0       2025-08-26 14:33:55
default6     -      -                 up     1       0       2025-08-26 14:33:55
device1      -      -                 up     2       0       2025-08-26 14:33:55
kernel1      -      -                 up     1       4       2025-08-26 14:33:55
kernel2      -      -                 up     5       223392  2025-08-26 14:33:55
null4        -      -                 up     1       0       2025-08-26 14:33:55
null6        -      -                 up     1       0       2025-08-26 14:33:55
rpki1        -      -                 up     589749  0       2025-08-26 14:38:25  Established
VirtuaCloud  35661  YOUR_PROVIDER_RS  up     223386  1       2025-08-26 14:33:58  Established
VirtuaCloud  35661  YOUR_PROVIDER_RS  up     223379  1       2025-08-26 14:33:58  Established

The logs are stored in journalctl -u bird.

Before Tier 1 ISPs see your IP range it can take around 24h, the time they refresh their IRR, RPKI is you configured one and see your announcement is just noise.

To see near real-time (with some minutes to hours delays), bgp.tools is a wonderful website to check.

BGP.Tools

You enter your AS number and if your ASN is seen by some peers it will mark a peer and after 12h it started for me to show up T1 ISP in this graph:


Conclusion

We saw how to have connectivity, even on my really brand new ASN.

The next page is about configure your own reverse DNS on your IP range.