You need **have public IPv4** for the tunnel type in this howto. **One server with BGP session options** and talk to oneprovider to enable the option (it's not free, the price is on demand, here +50€/month). Our ASN for the exemple is ASN 266671, announced route is: 45.225.75.0/24, oneprovider ASN is 9009 Here we use limited MTU to work over PPP (GPON) PS: 00:22:4d:a4:3b:51 from I receive my trafic (MITAC INTERNATIONAL CORP.) == Please add a route object from your LACNIC account pointing your range to your ASN 266671. == {{:lacnic-1.png?direct|}} {{:lacnic-2.png?direct|}} == /etc/bird/bird6.conf == router id 37.120.157.227; protocol bgp ONEPROVIDER { local as 266671; source address 2A0D:5600:X:2; import none; export all; graceful restart on; multihop 2; neighbor 2A0D:5600:X::1 as 9009; } protocol static { route 2803:1920::/32 via 2A0D:5600:X::2; } protocol device { scan time 5; } == /etc/bird/bird.conf == router id 185.64.105.21; protocol bgp ONEPROVIDER { local as 266671; source address 185.64.105.21; import none; export all; graceful restart on; multihop 2; neighbor 185.64.105.1 as 9009; } protocol static { route 45.225.75.0/24 via 185.64.105.21; } protocol device { scan time 5; } == should show == bird> show proto all name proto table state since info ONEPROVIDER BGP master up 14:14:14 Established Preference: 100 Input filter: REJECT Output filter: ACCEPT Routes: 0 imported, 1 exported, 0 preferred Route change stats: received rejected filtered ignored accepted Import updates: 2 0 2 0 0 Import withdraws: 0 0 --- 2 0 Export updates: 1 0 0 --- 1 Export withdraws: 0 --- --- --- 0 BGP state: Established Neighbor address: 185.64.105.1 Neighbor AS: 9009 Neighbor ID: 91.216.163.254 Neighbor caps: refresh restart-aware AS4 Session: external multihop AS4 Source address: 185.64.105.21 Hold timer: 155/240 Keepalive timer: 52/80 static1 Static master up 14:13:47 Preference: 200 Input filter: ACCEPT Output filter: REJECT Routes: 1 imported, 0 exported, 1 preferred Route change stats: received rejected filtered ignored accepted Import updates: 1 0 0 0 1 Import withdraws: 0 0 --- 0 0 Export updates: 0 0 0 --- 0 Export withdraws: 0 --- --- --- 0 device1 Device master up 14:13:47 Preference: 240 Input filter: ACCEPT Output filter: REJECT Routes: 0 imported, 0 exported, 0 preferred == /etc/quagga/bgpd.conf == ! hostname hades password Ddnv6ovqSEwtdiL9q89KKAmV log file /var/log/bgpd.log log stdout ! router bgp 266671 bgp router-id 37.120.157.Z neighbor 37.120.157.Y remote-as 9009 neighbor 2A0D:5600:X::1 remote-as 9009 ! address-family ipv6 network 2803:1920::/32 neighbor 2A0D:5600:X::1 activate exit-address-family address-family ipv4 network 45.225.75.0/24 neighbor 37.120.157.Y activate exit-address-family exit ! line vty ! == /etc/network/interfaces == source /etc/network/interfaces.d/* # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet static address 185.64.105.21/24 gateway 185.64.105.1 # dns-* options are implemented by the resolvconf package, if installed dns-nameservers 91.216.163.2 91.216.163.3 dns-search op-net.com #router gateway auto eth0:0 iface eth0:0 inet static address 45.225.75.1 netmask 255.255.255.255 ## Ipv6 configuration iface eth0 inet6 static address 2a04:2180:0:2::12b netmask 64 gateway 2a04:2180:0:2::1 dns-nameservers 2a04:2180::101:53 2a04:2180::102:53 == Setup the tunnel from oneprovider to confiared == /sbin/modprobe ipip /sbin/ip tu ad confiared mode ipip local 185.64.105.21 remote 190.186.245.10 ttl 64 dev eth0 /sbin/ip ad ad dev confiared 10.0.0.1 peer 45.225.75.2/32 /sbin/ip li se dev confiared up /sbin/ip link set dev confiared mtu 1280 /bin/ping 45.225.75.2 & /sbin/ip ro ad 45.225.75.0/24 via 45.225.75.2 == service script == #! /bin/sh ### BEGIN INIT INFO # Provides: uptunnel # Required-Start: $remote_fs $time # Required-Stop: umountnfs $time # X-Stop-After: sendsigs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: up tunnel # Description: up tunnel ## END INIT INFO # # Author: BRULE Herman Jacques Roger # # PATH should only include /usr/* if it runs after the mountnfs.sh script PATH=/sbin:/usr/sbin:/bin:/usr/bin DESC="up tunnel" NAME=uptunnel uptunnel=uptunnel DAEMON=/root/up-tunnel.sh PIDFILE=/var/run/uptunnel.pid SCRIPTNAME=/etc/init.d/$NAME # Define LSB log_* functions. . /lib/lsb/init-functions case "$1" in start) log_daemon_msg "Starting $DESC" "$uptunnel" start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON ;; stop) log_daemon_msg "Stopping $DESC" "$uptunnel" start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --exec $DAEMON ;; restart|force-reload) $0 stop $0 start ;; try-restart) $0 status >/dev/null 2>&1 && $0 restart ;; status) status_of_proc -p $PIDFILE $DAEMON $uptunnel && exit 0 || exit $? ;; *) echo "Usage: $SCRIPTNAME {start|stop|rotate|restart|force-reload|try-restart|status}" >&2 exit 3 ;; esac : == Setup the tunnel from confiared to oneprovider == Add into /etc/iproute2/rt_tables: 200 confiared /sbin/modprobe ipip /bin/ip tu ad oneprovider mode ipip local 190.186.245.10 remote 185.64.105.21 ttl 64 dev eth0 /bin/ip ad ad dev oneprovider 45.225.75.2 peer 10.0.0.1/32 /bin/ip li se dev oneprovider up /bin/ip link set dev oneprovider mtu 1280 /bin/ping 10.0.0.1 & # real ISP /bin/ip ro ad 185.64.105.21/32 via ISPIPv4Gateway # return gateway /bin/ip rule add from 45.225.75.0/24 table confiared /bin/ip route add default via 10.0.0.1 dev oneprovider table confiared /bin/ip route add 172.20.0.0/16 dev eth0 table confiared == Registring to RIPE == === Create a RIPE NCC Access Account === Create a RIPE NCC Access Account: https://access.ripe.net/registration === Create your person/maintainer object in the RIPE Database === Create your person/maintainer object in the RIPE Database: https://apps.db.ripe.net/db-web-ui/#/webupdates/create/person/self ( please note that before you can create your person/maintainer pair you first need to login with your RIPE NCC Access account) === Create your autnum object === Create your autnum object: https://apps.db.ripe.net/db-web-ui/#/webupdates/create/RIPE/aut-num Please fill in the AS number you are going to use for the route object(s), an organisation name, and the nic-handle that you created in your person/maintainer object in the admin-c and the tech-c. === Create your route object === Create your route object: https://apps.db.ripe.net/db-web-ui/#/webupdates/create/RIPE/route Please fill in your prefix and the AS number and submit. Your route object will now be visible in the RIPE Database. Please note that we do not control routing configuration and do not have an active role in the configuration of the routers and BGP setting being used. Entering Route object into the RIPE Database does not automatically mean those routes will be picked up by the providers/networks. Some networks filter and configure their routers automatically using the RIPE Database Internet Routing registry (IRR). You will need to make sure your routing configuration is set up correctly.