Hi, I'm probably being completely dumb here, but I'm adding an additional perimiter router to my network which is running OpenBSD 6.6.
My current perimiter is a 6.4 instance (soon to be upgraded !) which talks BGP to internal firewalls. The config below works perfectly on 6.4, but on 6.6, the default route is never exported (the session otehrwise operates fine, comes up and receives routes from firewalls). "bgpctl sho ri nei nei-name out" shows nothing being sent. "bgpd -n" reports no problems with the config AS 64520 router-id 192.0.2.1 rde med compare always socket "/var/run/bgpd.sock.ro" restricted group my_firewall_v4 { export default-route remote-as 64515 announce IPv6 none neighbor 198.51.100.1 { local-address 198.51.100.2 descr "MY-F1-V4" } } group my_firewall_v6 { export default-route remote-as 64515 announce IPv4 none neighbor 2001:db8::1 { local-address 2001:db8::2 descr "MY-F1-V6" } } MY_INT_FIREWALLS="{group my_firewall_v4,group my_firewall_v6}" prefix-set my-def-routes {0.0.0.0/0,::/0} prefix-set MY_NETS_FILTER {192.0.2.0/24 or-longer,198.51.100.0/24 or-longer,2001:db8::/32 or-longer} deny to any allow to $MY_INT_FIREWALLS prefix-set my-def-routes deny from any deny from any prefix-set my-def-routes allow from $MY_INT_FIREWALLS prefix-set MY_NETS_FILTER