eBGP Multihop Peering Mikrotik Lab


See on the red line is peering between R3 and ISP1 router on different subnet called multihop. Configuration requires static routes or enabled IGP so that the neighbors can reach each other. Setting eBGP to Loopback addresses can protect BGP from DOS attacks

ISP1
/routing bgp instance
set default as=10 redistribute-connected=yes

/routing bgp network
add network=8.8.8.8/32
add network=192.168.1.0/24

/routing bgp peer
add name=toR1 remote-address=23.23.23.2 remote-as=30
add multihop=yes name=R2 remote-address=10.10.1.2 remote-as=40

[admin@ISP1] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADb  1.1.1.1/32                         10.10.1.2                20
 1 ADC  8.8.8.8/32         8.8.8.8         lo1                       0
 2 ADo  10.10.1.0/24                       12.12.12.2              110
 3 ADb  10.10.2.0/24                       23.23.23.2               20
 4 ADb  10.10.3.0/24                       23.23.23.2               20
 5 ADC  12.12.12.0/24      12.12.12.1      ether1                    0
 6 ADC  23.23.23.0/24      23.23.23.1      ether2                    0
 7 ADo  34.34.34.0/24                      12.12.12.2              110
 8 ADC  192.168.1.0/24     192.168.1.1     ether3                    0

R2
/routing bgp instance
set default as=40

/routing bgp network
add network=1.1.1.1/32

/routing bgp peer
add multihop=yes name=ISP1 remote-address=8.8.8.8 remote-as=10

[admin@R2] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          10.10.1.1                 1
 1 ADC  1.1.1.1/32         1.1.1.1         lo1                       0
 2 ADb  8.8.8.8/32                         8.8.8.8                  20
 3 ADC  10.10.1.0/24       10.10.1.2       ether1                    0
 4 ADb  10.10.2.0/24                       8.8.8.8                  20
 5 ADb  10.10.3.0/24                       8.8.8.8                  20
 6 ADb  12.12.12.0/24                      8.8.8.8                  20
 7 ADb  23.23.23.0/24                      8.8.8.8                  20
 8 ADb  192.168.1.0/24                     8.8.8.8                  20