AW: Simple two bird BGPs two Uplinks one Peering Provider config

Sat May 25 14:44:54 CEST 2019

hi Yves,

you need indeed a bgp in netwerk or put an additional route reflector of
you are planning additional connections in the future and want to scale.

kurt

Op za 25 mei 2019 10:06 schreef Yves Illi <mail at yvesilli.com>:

> Okay, it seams that I figured out something quiet important.
>
> So on my bond0 (which is the uplink to the firewall vlan) on the bird bgp
> box I have a.b.c.249/29 configured. My first fw has a.b.c.252/29 second fw
> .53/29 and CARP VIP is .54/29. Now I dont have to route a b.c.0/22 to my
> transfer net ip... I have to route it to my firewall ip or even better of
> course to my carp vip. Now I see all traffic coming to the fw cluster :)
>
> Now the only issue left is the sync between my two bgp boxes...
>
> Maybe someone could point me in the right direction :)
>
> I have two bird bgp pizzas a.b.c.249/29 and .250/29 so I think I just make
> a new bgp link between them?
>
> Thanks for your help
>
> Best Regards
> Yves
> *From:* mail at yvesilli.com
> *Sent:* 21 May 2019 13:08
> *To:* santiago at crfreenet.org
> *Cc:* bird-users at network.cz
> *Subject:* AW: Simple two bird BGPs two Uplinks one Peering Provider
> config
>
> Hi,
>
> Okay, I think there is a misunderstanding. Or maybe I am totally wrong.
> Please correct me if I am.
>
> a.b.c.0/22 is my range
>
> d.e.f.124 is my bgp01 public ip of the /29 transfer net between my bgp01
> and the big router (d.e.f.121/29) of my peering uplink
>
> So if I want to advertise my own public ips (a.b.c.0/22) to my peering
> uplink (so called to the internet) shouldn't I make it like this:
>
> protocol static static_bgp {
>   ipv4;
>   route a.b.c.0/22 via d.e.f.124;
> }
> protocol bgp link1 {
>   local d.e.f.124 as XXXX;
>   neighbor d.e.f.121 as YYYY; #d.e.f.121 is the first router of my peering
> uplink 1
>   ipv4 { import all;export where proto = "static_bgp"; };
> }
>
> I want to import all from them so I know the internet and how to route....
> and I want to export stat-ic_bgp so the internet know's me?
>
> Thanks for your help
> Yves
>
> -----Ursprüngliche Nachricht-----
> Von: Ondrej Zajicek <santiago at crfreenet.org>
> Gesendet: Montag, 20. Mai 2019 20:43
> An: Yves Illi <mail at yvesilli.com>
> Cc: bird-users at network.cz
> Betreff: Re: Simple two bird BGPs two Uplinks one Peering Provider config
>
> On Mon, May 20, 2019 at 05:17:08PM +0000, Yves Illi wrote:
> > Hi there,
> >
> > I am really new to the complete topic of BGP. So please have a bit mercy
> with me if I ask something very stupid. But I am trying to build that for
> the first time ever and I am feeling like a donkey in front of a big
> mountain.
> >
> > Last but not least it is currently running, but I guess its more luck
> than something else. Like I said I am completely new to the topic of BGP.
> What I don't get is how I configure them together so they work (as a
> HA-Cluster) and currently I can only route a.b.c.249/29 instead of
> a.b.c.0/22.
>
> Hi
>
> > protocol static static_bgp {
> >   ipv4;
> >   route a.b.c.0/22 via d.e.f.124;
> > }
>
> I think this is the problem, as d.e.f.124 is your local address, then this
> route is probably not allowed locally (because you should not have route
> directing to a local address) and therefore likely not propagated to BGP.
>
> Simple solution is to have the static route defined as unreachable route:
>
>   route a.b.c.0/22 unreachable;
>
> You would have more specific routes in the routing table anyways and when
> the unreachable route is propagated by BGP, the local address will be
> attached as next hop automatically.
>
> --
> Elen sila lumenn' omentielvo
>
> Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org) OpenPGP
> encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err
> is human -- to blame it on a computer is even more so."
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20190525/57148d54/attachment.htm>