I've had a quick look through the man pages and am still a bit unclear, perhaps I'm just overthinking this ?
Let's say I've got two perimeter "firewalls" running OpenBSD, talking BGP to upstream routers. On the "LAN" side I'm thinking about CARP, which is active/passive, and the devices on "LAN" side will have the CARP set as their default gateway. If both BGP talkers advertise the "LAN" to the upstreams (i.e. "network 192.0.2.0/24" in bgpd.conf), how does that work in terms of reachability from the device that is currently CARP passive ? The man pages mention two CARP related configuration options for bgpd.conf but these don't seem to cater for the application I'm thinking of ? (i.e. "demote" is more related to waiting until BGP is established, and "depend on" is related to staying in idle if CARP is passive, which is obviously not an attractive idea as I'd obviously like both upstreams BGP sessions active ? ).
