
<div dir="ltr">


<p class="MsoNormal"><span style="font-size:11pt">Hello there-<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">I’m hoping to get guidance/feedback

from you all on whether or not what I’m trying to do it possible, and if it is

possible, what am I doing incorrectly.<span></span></span></p>


<p class="gmail-MsoListParagraph"><span style="font-size:11pt"><span> </span></span></p><p class="gmail-MsoListParagraph"><span style="font-size:11pt">My goal is to make this a

transit VPC for handling routes between multiple remote regions (and clouds). I’m

testing with 4 VPCs (A, B, C, and D), each with a different ASN. VPC B is

acting as my transit VPC, which is where bird and strongswan are running. VPCs

A, C, and D are acting as the remote regions, and each has a VPN connection

back to B. IPSec is up and working as expected, but routing is giving me some

trouble. Each VPN has 2 tunnels, so I’m currently trying to establish 6 BGP

sessions, however, only 2 sessions will establish at a time. The other sessions

are in a “Start” state. Eventually, one of the established connections will

drop and may reestablish, or, one of the other tunnels will establish a BGP connection.</span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">I have tried multiple bird configurations,

but all roads lead back only 2 established BGP sessions. I thought this example

might be what I need, but it also did not work: <a href="https://gitlab.labs.nic.cz/labs/bird/wikis/Simple_route_server">https://gitlab.labs.nic.cz/labs/bird/wikis/Simple_route_server</a>

Individually, bird is able to establish a session on both tunnels at every

remote VPC, so I know that works. Occasionally, I have noticed that established

connections will disconnect with a “Hold timer expired”. There’s something I’m

missing/overlooking in the config to allow all sessions to be active.<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">Below is the most basic config

I have used. Thanks in advance for your help.<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">log

"/var/log/bird.log" all;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">debug protocols all;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">router id 172.41.1.117;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">protocol kernel {<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  scan time 10;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  export all;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  import all;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">}<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">protocol device {<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  scan time 10;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">}<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">template bgp aws {<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  local as 65000;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  hold time 30;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  export all;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  import all;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  direct;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">}  <span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">protocol bgp ATUN0 from aws {<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  neighbor 169.254.xxx.xxx as 7224;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">}<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">protocol bgp ATUN1 from aws {<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  neighbor 169.254.xxx.xxx as 7224;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">}<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">protocol bgp CTUN0 from aws {<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  neighbor 169.254.xxx.xxx as 65100;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">}<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">protocol bgp CTUN1 from aws {<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  neighbor 169.254.xxx.xxx as 65100;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">}<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">protocol bgp DTUN0 from aws {<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  neighbor 169.254.xxx.xxx as 65200;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">}<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">protocol bgp DTUN1 from aws {<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">  neighbor 169.254.xxx.xxx as 65200;<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt">}<span></span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


<p class="MsoNormal"><span style="font-size:11pt"><span> </span></span></p>


</div>