diff --git a/base_data/frr/local/frr.conf b/base_data/frr/local/frr.conf
index 83336d5..c6cba98 100644
--- a/base_data/frr/local/frr.conf
+++ b/base_data/frr/local/frr.conf
@@ -8,13 +8,13 @@
 # avoid this, you can edit this file manually before starting FRR, or instruct
 # vtysh to write configuration to a different file.
 log syslog informational
+
 router bgp 65000
 bgp router-id 192.168.14.103
 no bgp default ipv4-unicast
 neighbor fabric peer-group
 neighbor fabric remote-as 65000
 neighbor fabric capability extended-nexthop
- ! BGP sessions with route reflectors
 neighbor 192.168.14.100 peer-group fabric
 !
 address-family l2vpn evpn
@@ -22,4 +22,28 @@ router bgp 65000
 advertise-all-vni
 exit-address-family
 !
+ neighbor 192.0.2.254 remote-as 65001
+ !
+ address-family ipv4 unicast
+ redistribute static
+ redistribute connected
+ route-map PUBLIC_ONLY out
+ route-map INPUT_DENY in
+ exit-address-family
+ !
+!
+
+ip prefix-list PUBLIC_ONLY seq 20 deny 10.0.0.0/8
+ip prefix-list PUBLIC_ONLY seq 30 deny 172.16.0.0/12
+ip prefix-list PUBLIC_ONLY seq 40 deny 192.168.0.0/16
+ip prefix-list PUBLIC_ONLY seq 50 deny 127.0.0.0/8
+ip prefix-list PUBLIC_ONLY seq 60 deny 169.254.0.0/16
+ip prefix-list PUBLIC_ONLY seq 70 deny 100.64.0.0/10
+ip prefix-list PUBLIC_ONLY seq 80 permit 0.0.0.0/0 le 32
+
+route-map PUBLIC_ONLY permit 10
+ match ip address prefix-list PUBLIC_ONLY
+!
+
+route-map INPUT_DENY deny 10
 !
\ No newline at end of file
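Review bot: The `PUBLIC_ONLY` deny entries (seq 20–70) match only the exact prefix, since an `ip prefix-list` entry without `ge`/`le` is an exact-length match, so a more specific connected or static route such as a /24 inside 192.168.0.0/16 falls through to `seq 80 permit 0.0.0.0/0 le 32` and can be exported to AS 65001. Each deny should carry `le 32`. Separately, the two `route-map … out`/`in` lines under `address-family ipv4 unicast` name no neighbor; FRR's per-peer form is `neighbor 192.0.2.254 route-map PUBLIC_ONLY out`, and with `no bgp default ipv4-unicast` set earlier in this `router bgp 65000` block (which starts above the hunk) the peer presumably also needs `neighbor 192.0.2.254 activate`. It is worth confirming on a running instance, e.g. with `show bgp ipv4 unicast neighbors 192.0.2.254 advertised-routes`, that only the intended prefixes leave the fabric.

```conf
 address-family ipv4 unicast
  ! … unchanged: redistribute static / redistribute connected …
  neighbor 192.0.2.254 activate
  neighbor 192.0.2.254 route-map PUBLIC_ONLY out
  neighbor 192.0.2.254 route-map INPUT_DENY in
 ! … unchanged: exit-address-family …
ip prefix-list PUBLIC_ONLY seq 20 deny 10.0.0.0/8 le 32
ip prefix-list PUBLIC_ONLY seq 30 deny 172.16.0.0/12 le 32
ip prefix-list PUBLIC_ONLY seq 40 deny 192.168.0.0/16 le 32
ip prefix-list PUBLIC_ONLY seq 50 deny 127.0.0.0/8 le 32
ip prefix-list PUBLIC_ONLY seq 60 deny 169.254.0.0/16 le 32
ip prefix-list PUBLIC_ONLY seq 70 deny 100.64.0.0/10 le 32
! … unchanged: seq 80 permit, route-map PUBLIC_ONLY / INPUT_DENY definitions …
```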