router id 172.20.186.10; # This should be unique IP of system, cloud-private here but doesn't matter as long as unique.

protocol device {
    scan time 10;
}

define LOOPBACK_VIPS = [
    185.15.56.0/23{32,32}
];

filter DIRECT_IN {
    if net ~ LOOPBACK_VIPS then {
        accept;
    }
}

filter CLOUD_OUT_PRI {
    if proto = "DIRECT" && net ~ LOOPBACK_VIPS then {
        accept;
    }
}

filter CLOUD_OUT_SEC {
    if proto = "DIRECT" && net ~ LOOPBACK_VIPS then {
        bgp_path.prepend(64712);
        bgp_path.prepend(64712);
        bgp_path.prepend(64712);
        accept;
    }
}

protocol direct DIRECT {
    ipv4 {
        import filter DIRECT_IN;
    };
}

protocol kernel KERNEL {
    scan time 10;
    ipv4 {
        import none;
        export where source = RTS_BGP;
    };
    learn;
}

protocol bfd BFD {
    interface "*" {
        interval 300 ms;
        multiplier 3;
    };
}

protocol bgp CLOUDSW1_C8 {
    bfd yes;
    ipv4 {
        import all;
        export filter CLOUD_OUT_PRI;           ### This should be CLOUD_OUT_PRI or CLOUD_OUT_SEC depending on host's role
    };
    local as 64712;                           ### Should be ok to hard-code, need to confirm ok to use within netops
    neighbor 172.20.186.1 as 64710 external;  ### IP and ASN is for cloudsw1-eqiad, will vary between switches
}