Early Release #2

We've learned plenty of lessons running this in production, so we've wrapped up our changes and brought them to v0.2:

• prevent route-leaks with "bgp parameters default no-ipv4-unicast" (see T1148 for more information)

• support default-originate for each address-family for a BGP neighbor

• add -LONG- variants hphr-DFZ-LONG-IPv4, hphr-DFZ-DEFAULT-LONG-IPv4, hphr-DFZ-LONG-IPv6, hphr-DFZ-DEFAULT-LONG-IPv6 as prefix-lists for e.g. transit customers who should receive "longer than usual" prefixes from your AS

• add most-specific boolean to prefix-lists auto-generated by bgpq3 so that e.g. you can accept more specifics from downstream customers to whom you provide multiple transit links

• change netflow sampling to be done by iptables -m statistic rather than sending all packets to uacctd, which has a marked improvement on CPU usage

• use iptables --nflog-size 64 where --nflog-range 64 is deprecated

We are running this release in production at AS41495, across multiple datacentres with transit, peering, core links, and downstream customers all speaking to our hphr-powered VyOS routers. You can find out more about our deployment:

• original talk about hphr at NetMcr
• building out to London
• bringing up peering to AS20712

We were originally scheduled to speak about hphr at UKNOF46 in April. This has been postponed till 26th October 2020.