# BGP with IPv6 and git interfaces / wireguard



## nbari (Nov 16, 2021)

I want to do something like the attached picture:





I currently only have the VM with a /44 subnet, but I would like to test/learn how to bridge/connect another VM (pfsense in the picture) but using GIF interfaces and start to segment from there.

From my understanding I will need to have another BGP daemon in the (pfsense VM) to announce networks back to the VM I will be making the tunnel, but for starters how to create the tunnel?

From an example I found that it can be done something like this:

```
ifconfig gif0 create
ifconfig gif0 tunnel X.X.X.X Y.Y.Y.Y
ifconfig gif0 inet6 2a09:4c0:1e0:183::2 2a09:4c0:1e0:183::1 prefixlen 128
route -n add -inet6 default 2a09:4c0:1e0:183::1
ifconfig gif0 up
```

But from my understanding, I could instead use link-local ipv6 addresses to prevent using a "public IP", but wondering if later I could just announce the /64 subnets using that tunnel?

I found that using wireguard is easy to create the tunnel, this is my current configuration:


```
[Interface]
PrivateKey = <private key>
ListenPort = 2053
Address = fe80::25/10
Table = off

[Peer]
PublicKey = <public key>
Endpoint = 45.126.137.51:1053
AllowedIPs = fd00::/8, fe80::/10
```

I can ping between VM's using:


```
ping fe80::25%wg0
```


I installed bird2 in the pfsense VM but there I would like to first be available to announce an IPv6 from the /44 network but how could I announce that I have that IP ?


----------

