OpenBGPD on 2.3 - how I got it to work
All,
Just wanted to document the hoops I figured out I needed to jump through to get OpenBGPD running on 2.3.1 (I know… need to run the upgrade...)
We wanted to test IPsec to Amazon AWS, followed their guide to configure the E3 end (sort of, their configuration wizard does a great job of not telling you that some of the things you are configuring refer to the remote [pfSense] end…), then I followed https://www.seattleit.net/blog/pfsense-ipsec-vpn-gateway-amazon-vpc-bgp-routing/ to mostly set up the pfSense end of things, and BGPD wouldn't start; "/var/etc/openbgpd/bgpd.conf:7: syntax error" in the Routing logs.
Turns out that the package management page in pfSense doesn't save the network address correctly (it was putting in "0.0.0.0", but BGPD expects there to be a CIDR netmask in there). The only other slight issue we had was that even though I configured both the BGP neighbours in the web front end (for the VPN redundancy they force on you now), the config file only had one neighbour in it. Easy enough to manually correct both issues in vi from the shell.
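
A way to catch both faults described above before starting the daemon, as an added example that is not part of the original post: a small lint that flags a `network` statement given as a bare IPv4 address and compares the number of `neighbor` blocks with the number configured in the GUI. The function names, the sample file and its addresses and AS numbers are constructed for illustration.

```shell
#!/bin/sh
# lint_bgpd_conf FILE EXPECTED_NEIGHBORS
# Prints one finding per line; returns 0 if clean, 1 if anything was flagged.
lint_bgpd_conf() {
    awk -v want="$2" '
        { sub(/#.*/, "") }    # ignore comments
        # A network statement whose argument is a bare dotted quad lacks the
        # /prefix length that bgpd requires (the "0.0.0.0" case in the post).
        $1 == "network" && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            printf "line %d: network %s has no /prefix length\n", NR, $2
            bad = 1
        }
        # Count neighbor blocks so a silently dropped peer is noticed.
        $1 == "neighbor" { n++ }
        END {
            if (n + 0 != want + 0) {
                printf "found %d neighbor block(s), expected %d\n", n, want
                bad = 1
            }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample that reproduces both faults (all values are made up).
write_sample_conf() {
    cat > "$1" <<'EOF'
AS 65000
router-id 203.0.113.10
network 0.0.0.0
neighbor 169.254.10.1 {
	remote-as 64512
	descr "tunnel 1"
}
EOF
}

# Example run against the generated file from the post, expecting two peers:
#   lint_bgpd_conf /var/etc/openbgpd/bgpd.conf 2
```

`bgpd -n -f /var/etc/openbgpd/bgpd.conf` runs the daemon's own syntax check, but it will not notice a missing second neighbour, which is why the count is checked separately here.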