How to advertise two virtual IPs using BGP?
Alexander Zubkov
green at qrator.net
Wed Nov 20 11:00:28 CET 2024
And what is you intention then? You want to use both sources at once in
ecmp-like manner, when the server makes a connection? Or something else?
On Wed, Nov 20, 2024, 10:44 hans.heng <hans.heng at zoom.us> wrote:
> You can set krt_prefsrc in bird. If I remember the option name right.
>
>
> But we have already this for the first virtual ip 38.145.72.193, I do not
> know how to additionally add routing I mentioned in the previoius thread
> for the second virtual ip 38.145.72.198.
>
> protocol kernel {
> scan time 1;
> merge paths yes limit 4;
> ipv4 {
> import none;
> export filter {
> if proto = direct1 then reject;
> krt_prefsrc = 38.145.72.193;
> accept;
> };
> };
> }
>
> Thanks,
> Hans
>
> On Wed, November 20 2024 at 5:40 PM Alexander Zubkov <green at qrator.net>
> <green at qrator.net> wrote:
>
> You can set krt_prefsrc in bird. If I remember the option name right.
>
> On Wed, Nov 20, 2024, 10:11 hans.heng <hans.heng at zoom.us> wrote:
>
>> > Hi Hans,
>> >
>> > What about just adding it to your LOCAL_NET list? If it works for the first
>> > IP, why it shouldn't work for the other?
>>
>> Hi Alexander,
>>
>> You’re right, simply adding it to LOCAL_NET list does work, other hosts then can test tcp stream on this new virtual ip.
>>
>> But what confused me is that how can we add export a routing rule like this:
>>
>> $ ip route
>> default proto bird src 38.145.72.193 metric 32
>> nexthop via 10.105.1.10 dev enp4s0f0 weight 1
>> nexthop via 10.105.1.12 dev enp4s0f1 weight 1
>>
>> Namely, how this server sends out the traffic using new virtual ip 38.145.72.198 as source addr?
>>
>> Thanks,
>> Hans
>>
>> On Wed, November 20 2024 at 4:03 PM Alexander Zubkov <green at qrator.net>
>> <green at qrator.net> wrote:
>>
>> Hi Hans,
>>
>> What about just adding it to your LOCAL_NET list? If it works for the
>> first IP, why it shouldn't work for the other?
>>
>> On Wed, Nov 20, 2024 at 8:36 AM Hans Heng via Bird-users <
>> bird-users at network.cz> wrote:
>>
>>> Hi all!
>>>
>>> I have a dual-home server, whose connection topology and configuration is described as below.
>>>
>>>
>>> **** Connection Topology and Configuration ****
>>>
>>> The server has two physical NICs enp4s0f0 and enp4s0f1, which are connected to two separate ports TOR_A and TOR_B on a Top of Rack (TOR) router, each representing a separate BGP session through bgp_A and bgp_B protocol.
>>>
>>> The server also has a dummy interface named em5, which has a private ip 38.145.72.193/32 <https://urldefense.proofpoint.com/v2/url?u=http-3A__38.145.72.193_32&d=DwMFaQ&c=8lBT5Jra4Bm5rFhLVR7k1wx3__gIUgr523Abjhgq6Gg&r=2bMJ37PQSlB2sRdYUDvVq5IXWp4L1dKQ8V4ZALYNl1I&m=WC9AjD5ZaNv4Fa_mh7nA7q4p-qW7Lj3LBH1uqKj-709dNQOFf9b092u8Xwq5Ago4&s=jKSN1FCc_6R4dNzWWkk4s9IEPghmnQKefyIIVtVmGsE&e=>.
>>>
>>> Bird kernel protocol exports an ECMP routing rule to kernel as a kernel default routing, and bgp_A/bgp_B protocol export the private ip to my internet, then 38.145.72.193/32 <https://urldefense.proofpoint.com/v2/url?u=http-3A__38.145.72.193_32&d=DwMFaQ&c=8lBT5Jra4Bm5rFhLVR7k1wx3__gIUgr523Abjhgq6Gg&r=2bMJ37PQSlB2sRdYUDvVq5IXWp4L1dKQ8V4ZALYNl1I&m=WC9AjD5ZaNv4Fa_mh7nA7q4p-qW7Lj3LBH1uqKj-709dNQOFf9b092u8Xwq5Ago4&s=jKSN1FCc_6R4dNzWWkk4s9IEPghmnQKefyIIVtVmGsE&e=> on em5 acts as a public ip.
>>>
>>>
>>> **** My goal ****
>>>
>>> I want to add another virtual ip on em5, say 38.145.72.198/32 <https://urldefense.proofpoint.com/v2/url?u=http-3A__38.145.72.198_32&d=DwMFaQ&c=8lBT5Jra4Bm5rFhLVR7k1wx3__gIUgr523Abjhgq6Gg&r=2bMJ37PQSlB2sRdYUDvVq5IXWp4L1dKQ8V4ZALYNl1I&m=WC9AjD5ZaNv4Fa_mh7nA7q4p-qW7Lj3LBH1uqKj-709dNQOFf9b092u8Xwq5Ago4&s=H85Ro8DXm3uWfnfQU4MX2w7eTYkSllixeGgTN4D3XF8&e=>, and let this new virtual ip act as a public ip too.
>>> Can this requirement be met? If yes, how should I modify the configuration to make BGP advertise this ip over my internet?
>>>
>>>
>>>
>>> **** Additional Information on Server ****
>>>
>>>
>>> ## bird setup an ECMP route on 2 phy nics as default route,
>>> ## which set source ip to the public ip
>>> $ ip route
>>> default proto bird src 38.145.72.193 metric 32
>>> nexthop via 10.105.1.10 dev enp4s0f0 weight 1
>>> nexthop via 10.105.1.12 dev enp4s0f1 weight 110.105.1.10/31 <https://urldefense.proofpoint.com/v2/url?u=http-3A__10.105.1.10_31&d=DwMFaQ&c=8lBT5Jra4Bm5rFhLVR7k1wx3__gIUgr523Abjhgq6Gg&r=2bMJ37PQSlB2sRdYUDvVq5IXWp4L1dKQ8V4ZALYNl1I&m=WC9AjD5ZaNv4Fa_mh7nA7q4p-qW7Lj3LBH1uqKj-709dNQOFf9b092u8Xwq5Ago4&s=-p9Ki6n5W1WV1sy_k1TvuK40E8Bwj5zNUKhIHqRBiws&e=> dev enp4s0f0 proto kernel scope link src 10.105.1.1110.105.1.12/31 <https://urldefense.proofpoint.com/v2/url?u=http-3A__10.105.1.12_31&d=DwMFaQ&c=8lBT5Jra4Bm5rFhLVR7k1wx3__gIUgr523Abjhgq6Gg&r=2bMJ37PQSlB2sRdYUDvVq5IXWp4L1dKQ8V4ZALYNl1I&m=WC9AjD5ZaNv4Fa_mh7nA7q4p-qW7Lj3LBH1uqKj-709dNQOFf9b092u8Xwq5Ago4&s=PPYkekks3l9B0WozwhhmanpPyqt-7_BalYLNq0I3QJM&e=> dev enp4s0f1 proto kernel scope link src 10.105.1.13
>>>
>>>
>>> bird> show route all
>>> Table master4:0.0.0.0/0 <https://urldefense.proofpoint.com/v2/url?u=http-3A__0.0.0.0_0&d=DwMFaQ&c=8lBT5Jra4Bm5rFhLVR7k1wx3__gIUgr523Abjhgq6Gg&r=2bMJ37PQSlB2sRdYUDvVq5IXWp4L1dKQ8V4ZALYNl1I&m=WC9AjD5ZaNv4Fa_mh7nA7q4p-qW7Lj3LBH1uqKj-709dNQOFf9b092u8Xwq5Ago4&s=Cvj89uXo924yxK47AGuHlg3g1BKfJdkW6sUvQso_2xE&e=> unicast [bgp_A 2024-11-17] * (100) [AS4212010101i]
>>> via 10.105.1.10 on enp5s0f0
>>> Type: BGP univ
>>> BGP.origin: IGP
>>> BGP.as_path: 4259105001 4212010101
>>> BGP.next_hop: 10.105.1.10
>>> BGP.local_pref: 0
>>> unicast [bgp_B 2024-11-18] (100) [AS4212010101i]
>>> via 10.105.1.12 on enp5s0f1
>>> Type: BGP univ
>>> BGP.origin: IGP
>>> BGP.as_path: 4259205001 4212010101
>>> BGP.next_hop: 10.105.1.12
>>> BGP.local_pref: 038.145.72.193/32 <https://urldefense.proofpoint.com/v2/url?u=http-3A__38.145.72.193_32&d=DwMFaQ&c=8lBT5Jra4Bm5rFhLVR7k1wx3__gIUgr523Abjhgq6Gg&r=2bMJ37PQSlB2sRdYUDvVq5IXWp4L1dKQ8V4ZALYNl1I&m=WC9AjD5ZaNv4Fa_mh7nA7q4p-qW7Lj3LBH1uqKj-709dNQOFf9b092u8Xwq5Ago4&s=jKSN1FCc_6R4dNzWWkk4s9IEPghmnQKefyIIVtVmGsE&e=> unicast [direct1 2024-11-06] * (240)
>>> dev em5
>>> Type: device univ
>>>
>>>
>>>
>>>
>>> # bird.conf
>>> router id 172.18.xxx.yyy;
>>> ipv4 table master4;
>>>
>>> define LOCAL_NET = [ 38.145.72.193/32 <https://urldefense.proofpoint.com/v2/url?u=http-3A__38.145.72.193_32&d=DwMFaQ&c=8lBT5Jra4Bm5rFhLVR7k1wx3__gIUgr523Abjhgq6Gg&r=2bMJ37PQSlB2sRdYUDvVq5IXWp4L1dKQ8V4ZALYNl1I&m=WC9AjD5ZaNv4Fa_mh7nA7q4p-qW7Lj3LBH1uqKj-709dNQOFf9b092u8Xwq5Ago4&s=jKSN1FCc_6R4dNzWWkk4s9IEPghmnQKefyIIVtVmGsE&e=> ];
>>>
>>> protocol direct {
>>> ipv4;
>>> interface "em5",-"*";
>>> }
>>>
>>> protocol kernel {
>>> scan time 1;
>>> merge paths yes limit 4;
>>> ipv4 {
>>> import none;
>>> export filter {
>>> if proto = "direct1" then reject;
>>> krt_prefsrc = 38.145.72.193;
>>> accept;
>>> };
>>> };
>>> }
>>>
>>> protocol device {
>>> scan time 1;
>>> }
>>>
>>> protocol bgp bgp_A {
>>> description "TOR A";
>>> local 10.105.1.11 as 4290105101 ; # enp4s0f0
>>> neighbor 10.105.1.10 as 4259105001; # TOR_A
>>> path metric 1;
>>> ipv4 {
>>> import all;
>>> export filter {
>>> if net ~ LOCAL_NET then accept;
>>> else reject;
>>> };
>>> next hop self;
>>> };
>>> }
>>>
>>> protocol bgp bgp_B {
>>> bfd;
>>> description "TOR B";
>>> local 10.105.1.13 as 4290105101 ; # enp4s0f1
>>> neighbor 10.105.1.12 as 4259205001; # TOR_B
>>> default bgp_med 0;
>>> default bgp_local_pref 0;
>>> path metric 1;
>>> ipv4 {
>>> import all;
>>> export filter {
>>> if net ~ LOCAL_NET then accept;
>>> else reject;
>>> };
>>> next hop self;
>>> };
>>> }
>>>
>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20241120/5e286a99/attachment.htm>
More information about the Bird-users
mailing list