MikroTik.conf

# Created by Mark Leonard of YYC Net Lab
# Feel free to contact me with improvements or suggestions via GitHub:
# https://github.com/colinbodor/projectton

# dec/13/2020 09:54:36 by RouterOS 6.46.8
#
# model = CCR1009-7G-1C

# Testing has only been done On CCRs with RouterOS 6.46.8. Proceed with caution.

##############################################################################
# Start by creating the appropriate routing filters. Doing this first means
# that we won't need to restart the peer in order to pickup the new filters.
/routing filter
# We need a filter that prevents any prefixes from being sent to Project TON:
add action=discard chain=nothing-out
#
# We need to decide which communities we want to block for.  These are sane
# defaults:
add action=accept bgp-communities=65535:666 chain=blackhole-in comment="Enable blocking of bad actors" set-type=blackhole
# for reference we would add any country-code blocking between the first and
# last rules like so:
#   add action=accept bgp-communities=3166:1234 chain=blackhole-in comment="Block fictional country code 1234" set-type=blackhole
add action=discard bgp-communities=65535:3166 chain=blackhole-in comment="Disable blocking based on country-code"


##############################################################################
# Create the BGP instance. Replace the local AS with something appropriate:
/routing bgp instance
set default as=4200000001

##############################################################################
# Create the peer for Project TON using the two filters built above. It is also
# critical to allow this to be a multihop peer.
/routing bgp peer
add comment="Project TON" in-filter=blackhole-in multihop=yes name=ProjectTON out-filter=nothing-out remote-address=162.208.89.180 remote-as=4212345678


##############################################################################
# Verify that you are receiving routes by running this command:
#   /ip route print where bgp=yes