← Back to index

opnsense_quagga_bgp_neighbor (Resource)

Configure neighbors for BGP.

Example Usage

// Configure a prefix list
resource "opnsense_quagga_bgp_prefixlist" "example0" {
  enabled     = false

  description = "prefixlist0"
  name = "example0"

  number = 1234
  action = "permit"

  network = "10.10.0.0"
}

// Configure a route map
resource "opnsense_quagga_bgp_routemap" "example0" {
  enabled     = false
  description = "routemap0"

  name   = "example0"
  action = "deny"

  route_map_id = 100
  set = "local-preference 300"
}

// Configure a neighbor
resource "opnsense_quagga_bgp_neighbor" "example0" {
  enabled     = false

  description = "neighbor0"

  peer_ip   = "1.1.1.1"
  remote_as = 255

  md5_password            = "12345"
  weight                  = 1
  local_ip                = "2.2.2.2"
  update_source           = "wan"
  link_local_interface    = "wireguard"

  next_hop_self           = true
  next_hop_self_all       = true
  multi_hop               = true
  multi_protocol          = true
  rr_client               = true
  bfd                     = true

  keep_alive              = 100
  hold_down               = 10
  connect_timer           = 10

  default_route           = true
  as_override             = true
  disable_connected_check = true
  attribute_unchanged     = "as-path"

  prefix_list_in = opnsense_quagga_bgp_prefixlist.example0.id
  route_map_out = opnsense_quagga_bgp_routemap.example0.id
}

Schema

Required

  • peer_ip (String) The IP of your neighbor.
  • remote_as (Number) The neighbor AS.

Optional

  • as_override (Boolean) Override AS number of the originating router with the local AS number. This command is only allowed for eBGP peers. Defaults to false.
  • attribute_unchanged (String) Specify attribute to be left unchanged when sending advertisements to a peer. Read more at FRR documentation. Defaults to "".
  • bfd (Boolean) Enable BFD support for this neighbor. Defaults to false.
  • connect_timer (Number) The time in seconds how fast a neighbor tries to reconnect. Defaults to -1.
  • default_route (Boolean) Enable to send Defaultroute. Defaults to false.
  • description (String) An optional description for this neighbor. Defaults to "".
  • disable_connected_check (Boolean) Enable to allow peerings between directly connected eBGP peers using loopback addresses. Defaults to false.
  • enabled (Boolean) Enable this neighbor. Defaults to true.
  • hold_down (Number) The time in seconds when a neighbor is considered dead. This is usually 3 times the keepalive timer. Defaults to 180.
  • keep_alive (Number) Enable Keepalive timer to check if the neighbor is still up. Defaults to 60.
  • link_local_interface (String) Interface to use for IPv6 link-local neighbours. Must be a valid OPNsense interface in lowercase (e.g. wan). Please refer to the FRR documentation for more information. Defaults to "".
  • local_ip (String) The local IP connecting to the neighbor. This is only required for BGP authentication. Defaults to "".
  • md5_password (String) The password for BGP authentication. Defaults to "".
  • multi_hop (Boolean) Enable multi-hop. Specifying ebgp-multihop allows sessions with eBGP neighbors to establish when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. Defaults to false.
  • multi_protocol (Boolean) Mark this neighbor as multiprotocol capable per RFC 2283. Defaults to false.
  • next_hop_self (Boolean) Enable the next-hop-self command. Defaults to false.
  • next_hop_self_all (Boolean) Add the parameter "all" after next-hop-self command. Defaults to false.
  • prefix_list_in (String) The prefix list ID for inbound direction. Defaults to "".
  • prefix_list_out (String) The prefix list ID for outbound direction. Defaults to "".
  • route_map_in (String) The route map ID for inbound direction. Defaults to "".
  • route_map_out (String) The route map ID for outbound direction. Defaults to "".
  • rr_client (Boolean) Enable route reflector client. Defaults to false.
  • update_source (String) Physical name of the IPv4 interface facing the peer. Must be a valid OPNsense interface in lowercase (e.g. wan). Please refer to the FRR documentation for more information. Defaults to "".
  • weight (Number) Specify a default weight value for the neighbor’s routes. Defaults to -1.

Read-Only

  • id (String) UUID of the neighbor.

Import

In Terraform v1.5.0 and later, use an import block to import opnsense_quagga_bgp_neighbor using the id. For example:

import {
  to = opnsense_quagga_bgp_neighbor.example
  id = "<opnsense-resource-id>"
}

Using terraform import, import opnsense_quagga_bgp_neighbor using the id. For example:

% terraform import opnsense_quagga_bgp_neighbor.example <opnsense-resource-id>