Issues establishing more than 2 BGP sessions

Chris Stein bksteiny at gmail.com
Sun Nov 12 06:44:46 CET 2017


Hello there-



I’m hoping to get guidance/feedback from you all on whether or not what I’m
trying to do is possible, and if it is possible, what I am doing
incorrectly.



My goal is to make this a transit VPC for handling routes between multiple
remote regions (and clouds). I’m testing with 4 VPCs (A, B, C, and D), each
with a different ASN. VPC B is acting as my transit VPC, which is where
bird and strongswan are running. VPCs A, C, and D are acting as the remote
regions, and each has a VPN connection back to B. IPSec is up and working
as expected, but routing is giving me some trouble. Each VPN has 2 tunnels,
so I’m currently trying to establish 6 BGP sessions; however, only 2
sessions will establish at a time. The other sessions are in a “Start”
state. Eventually, one of the established connections will drop and may
reestablish, or, one of the other tunnels will establish a BGP connection.



I have tried multiple bird configurations, but all roads lead back to only 2
established BGP sessions. I thought this example might be what I need, but
it also did not work:
https://gitlab.labs.nic.cz/labs/bird/wikis/Simple_route_server
Individually, bird is able to establish a session on both tunnels at every
remote VPC, so I know that works. Occasionally, I have noticed that
established connections will disconnect with a “Hold timer expired”.
There’s something I’m missing/overlooking in the config to allow all
sessions to be active.



Below is the most basic config I have used. Thanks in advance for your help.



log "/var/log/bird.log" all;
debug protocols all;

router id 172.41.1.117;

protocol kernel {
  scan time 10;
  export all;
  import all;
}

protocol device {
  scan time 10;
}

template bgp aws {
  local as 65000;
  hold time 30;
  export all;
  import all;
  direct;
}

protocol bgp ATUN0 from aws {
  neighbor 169.254.xxx.xxx as 7224;
}

protocol bgp ATUN1 from aws {
  neighbor 169.254.xxx.xxx as 7224;
}

protocol bgp CTUN0 from aws {
  neighbor 169.254.xxx.xxx as 65100;
}

protocol bgp CTUN1 from aws {
  neighbor 169.254.xxx.xxx as 65100;
}

protocol bgp DTUN0 from aws {
  neighbor 169.254.xxx.xxx as 65200;
}

protocol bgp DTUN1 from aws {
  neighbor 169.254.xxx.xxx as 65200;
}