diff --git a/roles/exit/templates/frr.conf.j2 b/roles/exit/templates/frr.conf.j2
index 803e0c6..059a5ff 100644
--- a/roles/exit/templates/frr.conf.j2
+++ b/roles/exit/templates/frr.conf.j2
@@ -77,10 +77,12 @@ router bgp {{ asn.asn }} vrf outside
 {% endfor %}
 address-family ipv4 unicast
+ neighbor peerlink.4 activate
 neighbor peerlink.4 soft-reconfiguration inbound
 neighbor peerlink.4 route-map peer.4->me in
 neighbor peerlink.4 route-map me->peer.4 out
+ neighbor firewall activate
 neighbor firewall allowas-in 1
 neighbor firewall default-originate
 neighbor firewall soft-reconfiguration inbound
diff --git a/roles/firewall/templates/frr.conf.j2 b/roles/firewall/templates/frr.conf.j2
index 81ae5f3..9937aa8 100644
--- a/roles/firewall/templates/frr.conf.j2
+++ b/roles/firewall/templates/frr.conf.j2
@@ -40,26 +40,14 @@ router bgp {{ asn.asn }}
 neighbor {{ iface.name }}.4 bfd profile fast
 {% endfor %}
- address-family ipv4 unicast
+{% for family in ['ipv4', 'ipv6'] %}
+ address-family {{ family }} unicast
+{% if family == 'ipv4' %}
 {% for network in nat %}
 network {{ network }}
 {% endfor %}
- redistribute connected route-map loopback
- maximum-paths 16
-
- neighbor outside soft-reconfiguration inbound
- neighbor outside route-map outside->default in
- neighbor outside route-map default->outside out
-
- neighbor inside allowas-in origin
- neighbor inside default-originate
- neighbor inside soft-reconfiguration inbound
- neighbor inside route-map inside->default in
- neighbor inside route-map default->inside out
- exit-address-family
-
- address-family ipv6 unicast
+{% endif %}
 redistribute connected route-map loopback
 maximum-paths 16
@@ -76,6 +64,8 @@ router bgp {{ asn.asn }}
 neighbor inside route-map default->inside out
 exit-address-family
+{% endfor %}
+
 # Prefix lists.
 ip prefix-list default permit 0.0.0.0/0
 ipv6 prefix-list default permit ::/0
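Review bot: The new `neighbor firewall activate` in roles/exit turns on IPv4 route exchange for a neighbor that, in the visible lines, has `allowas-in 1` and `default-originate` but no route-map in either direction, unlike `peerlink.4` directly above it. The address-family block continues past the end of the hunk, so the filters may well follow. If they do not, add `neighbor firewall route-map <in-map> in` and `neighbor firewall route-map <out-map> out` (placeholder names) alongside the activation, because `allowas-in` relaxes the AS-path loop check and an unfiltered session would accept whatever that peer advertises. A one-line comment saying why explicit `activate` is now required would also help the next reader.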
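Review bot: In roles/firewall the IPv4 family now takes its policy from what used to be the IPv6 body, and the lines between this hunk and the next are not shown. It therefore cannot be confirmed from here that `neighbor inside allowas-in origin`, `neighbor inside default-originate` and the four `outside`/`inside` route-map statements still render for IPv4 exactly as the removed block had them. Rendering the template before and after the change and diffing the two outputs would show whether an IPv4 filter was dropped. The route-maps are now shared by both families, so it is also worth checking that each one matches on both the `ip` and the `ipv6` prefix-lists defined below. The IPv4-only guard deserves a template comment, e.g. `{# networks in "nat" are originated for ipv4 only #}`, assuming that is the intent.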