Talos 1.9.5, Cilium 1.8.0-pre.0, Mikrotik RouterOS 7.18.2, BGP Config

cilium-bgp-config.yaml

---
apiVersion: cilium.io/v2alpha1
kind: CiliumLoadBalancerIPPool
metadata:
  name: cilium-external-ip-pool
spec:
  blocks:
    - cidr: "172.16.0.0/16"
  allowFirstLastIPs: "No"
---
apiVersion: cilium.io/v2alpha1
kind: CiliumBGPPeerConfig
metadata:
  name: peer-config-generic
spec:
  families:
    - afi: ipv4
      safi: unicast
      advertisements:
        matchLabels:
          advertise: bgp
---
apiVersion: cilium.io/v2alpha1
kind: CiliumBGPClusterConfig
metadata:
  name: bgp-cluster-config
spec:
  nodeSelector:
    matchLabels:
      # Match all nodes, change as needed
      kubernetes.io/arch: amd64
  bgpInstances:
    - name: instance-65530
      localASN: 65530
      peers:
        - name: mikrotik-router
          peerASN: 65530
          peerAddress: "192.168.88.1"
          peerConfigRef:
            name: peer-config-generic
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPAdvertisement
metadata:
  name: bgp-advertise-services
  labels:
    advertise: bgp
spec:
  advertisements:
    - advertisementType: "Service"
      service:
        addresses:
          - LoadBalancerIP
      selector:
        matchExpressions:
          # Apply only to services not in kube-system namespace
          - {
              key: io.kubernetes.service.namespace,
              operator: NotIn,
              values: ["kube-system"],
            }

routeros-bgp-config.cli

> /routing/bgp/connection print
0   name="bgp1" 
    remote.address=192.168.88.100/32 
    local.default-address=192.168.88.1 .role=ibgp 
    routing-table=main templates=default as=65530

routeros-bgp-no-fasttrack.cli

> /ip/firewall/add action=accept chain=forward comment="Allow BGP routes without FastTrack" dst-address=<cilium-bgp-ippool>