High-availability BGP with BIRD

Miłosz Oller milosz at sys-com.pl
Thu Aug 22 14:39:09 CEST 2013


Hi

I have a H-A configuration of BIRD routers.

It look like this: http://pastebin.com/SKY4h1Gf - 6x /24 IPv4, and
3x /48 IPv6.

Router 1 and 2 are connected with iBGP (bonding connection). Prefixes
ipv4 are divided into three per router, 2 prefixes ipv6 on router 1 and
one on router 2.
On routers is linux installed with keepalived. Keepalived is running on
interfaces connected to switches (bonding and vlan for each ipv4
prefix). Example, when R01 is down, prefixes are transferred to R02
(with keepalived). Switches are connected with LAG/LACP.

In the future will be additional (backup) links from ISP 1 to Router 2
and from ISP 2 to Router 1.

-- 
Miłosz Oller
GSM: +48 603 030 347
http://sys-com.pl
NIP: 561-154-09-00 REGON: 340779520


On Thu, 22 Aug 2013 09:05:27 -0300
Andre Nathan <andre at digirati.com.br> wrote:

> Hi Thomas
> 
> I'm not a BGP expert but I run a similar configuration. Some notes
> below.
> 
> On 08/21/2013 10:08 PM, Thomas Johnson wrote:
> 
> > In this scenario, router-a and router-b are running FreeBSD, with
> > CARP to provide a virtual IP for failover. The two routers act in a
> > failover manner, with router-b taking over the virtual IP upon
> > failure of router-a. The goal is to maintain the fast failover
> > (seconds) that I get from CARP in non-BGP configurations. I am
> > wondering if the following method is a common/feasible/best
> > solution.
> 
> I do it here exactly like this, but with Linux and keepalived.
> 
> > If router-a fails.
> > * Programmatically update the router-b BIRD config to begin
> > advertising prefixes.
> > * router-b already has the BGP table in memory, so routing can
> > resume immediately.
> 
> Not sure if I understood this correctly, but if both routers have BIRD
> running you shouldn't need to do any manual configuration changes. As
> long as your machines have the routers' virtual IP as their gateway,
> routing should resume as soon as the address is transferred to the
> remaining router.
> 
> > Is there a better way to achieve this? Will my ISP laugh at me when
> > I ask them to assign me a /29, and allow me to run two BGP sessions?
> 
> You should also consider that ISP routers can fail. Imagine that
> router-a has a BGP session with isp-router-a and router-b with
> isp-router-b. Now consider what happens if isp-router-a fails.
> 
> To keep things working, I configured an iBGP session between router-a
> and router-b. In the example about, traffic would be routed out of
> your network through the router-a -> router-b -> isp-router-b path.
> 
> I'm also interested to learn about possible alternative architectures
> to handle these cases.
> 
> Cheers,
> Andre




More information about the Bird-users mailing list