[BGP] Set up bgp through the internet on public servers

t g g_hisoka at hotmail.com
Sat Nov 2 20:21:20 CET 2024 

Hi Barry,

In fact, making both machines talking together is not the final need. It is a prerequisite to what i want to set up. You are right, i probably have to explain the global need.

Each server will host one service (web, db, etc.).
I want to set up Bird as a BGP provider and set up Exabgp on top of that with the "process" section to announce a service vip when the software is running.

Bird will provide the static vip and exabgp the dynamic vip in accordance with the processes running in the server.

Thanks and Regards,
tg

________________________________
De : Barry O'Donovan (INEX) <barry.odonovan at inex.ie>
Envoyé : samedi 2 novembre 2024 18:42
À : t g <g_hisoka at hotmail.com>
Cc : bird-users at network.cz <bird-users at network.cz>
Objet : Re: [BGP] Set up bgp through the internet on public servers

Hi tg,

Bird is probably not what you need here as it looks like you just want to get two machines to talk to each other.

You should look at OpenVPN or WireGuard as a means to create encrypted tunnels between them.

 - Barry

t g<mailto:g_hisoka at hotmail.com>2 November 2024 at 17:58
Thank you for your suggestion Yakov,
I added the sections you had mentionned as below and the neighbor is still unreachable.
I am not a network expert but i am wondering if such a set up is technically possible.
Do you know?

$ cat /etc/bird.conf
router id <public ip>;

protocol bgp bgp_static {
   local as 65001;
   neighbor <server 2 public ip> as 65001;
   multihop 99;

   ipv4 {
       import all;
       export filter {
           if net = 10.1.1.1/32 then accept;
           reject;
       };
   };

   debug all;
}
protocol kernel {
    ipv4 {
          import all;
          export all;
    };
    learn;
    persist;
    scan time 20;
}
protocol direct {
    interface "*";
}
protocol device {
    scan time 10;
}

Many Thanks,
tg

________________________________
De : Yakov Sh. <yman at protonmail.ch><mailto:yman at protonmail.ch>
Envoyé : samedi 2 novembre 2024 12:36
À : Talal Gharsa <g_hisoka at hotmail.com><mailto:g_hisoka at hotmail.com>
Cc : bird-users at network.cz<mailto:bird-users at network.cz> <bird-users at network.cz><mailto:bird-users at network.cz>
Objet : Re: [BGP] Set up bgp through the internet on public servers

Hi,
Since you have only BGP protocol defined, BIRD knows nothing about any routes that could exist on your system. If you want to import local routes into BIRD you need to add some other protocols, usually it's 'device', 'direct' and 'kernel'.

Yakov Sh.
telegram: @darkyman

Sent with Proton Mail<https://proton.me/mail/home> secure email.

On Saturday, November 2nd, 2024 at 11:34, Talal Gharsa <g_hisoka at hotmail.com><mailto:g_hisoka at hotmail.com> wrote:


--

Kind regards,
Barry O'Donovan
INEX Operations

https://www.inex.ie/support/
+353 1 531 3339


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20241102/d404441d/attachment.htm>

More information about the Bird-users mailing list