One bird VM (HA cluster) or two bird VMs (iBGP).
Hi, I have one global operator and one IX via BGP and I'm wondering whether to set up one bird VM based on vmware HA cluster or two bird VMs without vmware HA cluster but located on separate nodes and connected via iBGP. Of course, the iBGP connection allows for easy bird/VM updates but may generate potential problems with iBGP and VRRP. However, if there is one bird VM based on the vmware HA cluster, then in the event of a node failure, it is necessary to wait until the machine is restarted on the second node and until the prefixes from peers are loaded. What are your experiences with this? Thanks in advance, Mike
Hi. You would not install single bird instance on vmware HA cluster since you'll get sessions flaps when instance restart on falures. Right way is to run two different instances on different cluster nodes with HA deactivated for these instances and setup sessions from each bird instance. 26.02.2025 19:11, Mike Neo:
Hi, I have one global operator and one IX via BGP and I'm wondering whether to set up one bird VM based on vmware HA cluster or two bird VMs without vmware HA cluster but located on separate nodes and connected via iBGP.
Of course, the iBGP connection allows for easy bird/VM updates but may generate potential problems with iBGP and VRRP. However, if there is one bird VM based on the vmware HA cluster, then in the event of a node failure, it is necessary to wait until the machine is restarted on the second node and until the prefixes from peers are loaded.
What are your experiences with this?
Thanks in advance, Mike
-- Volodymyr Pidgornyi Digital Telecom-IX LLC Mob.: +380(68)3344222 URL: https://dtel-ix.net
I completely agree. I wouldn’t try to rely on something as shady as virtualisation “HA” when something as simple as iBGP and VRRP is available. I would even try to put my routers outside of any VM. On Wed 26 Feb 2025 19:23:27 GMT, Volodymyr Pidgornyi wrote:
Hi.
You would not install single bird instance on vmware HA cluster since you'll get sessions flaps when instance restart on falures. Right way is to run two different instances on different cluster nodes with HA deactivated for these instances and setup sessions from each bird instance.
26.02.2025 19:11, Mike Neo:
Hi, I have one global operator and one IX via BGP and I'm wondering whether to set up one bird VM based on vmware HA cluster or two bird VMs without vmware HA cluster but located on separate nodes and connected via iBGP.
Of course, the iBGP connection allows for easy bird/VM updates but may generate potential problems with iBGP and VRRP. However, if there is one bird VM based on the vmware HA cluster, then in the event of a node failure, it is necessary to wait until the machine is restarted on the second node and until the prefixes from peers are loaded.
What are your experiences with this?
Thanks in advance, Mike
-- Volodymyr Pidgornyi Digital Telecom-IX LLC Mob.: +380(68)3344222 URL: https://dtel-ix.net
That was the second remark :) However, RSes can be run in VMs, the only question is about RIB size and updates rate. 26.02.2025 19:53, Alarig Le Lay via Bird-users:
I completely agree. I wouldn’t try to rely on something as shady as virtualisation “HA” when something as simple as iBGP and VRRP is available. I would even try to put my routers outside of any VM.
On Wed 26 Feb 2025 19:23:27 GMT, Volodymyr Pidgornyi wrote:
Hi.
You would not install single bird instance on vmware HA cluster since you'll get sessions flaps when instance restart on falures. Right way is to run two different instances on different cluster nodes with HA deactivated for these instances and setup sessions from each bird instance.
26.02.2025 19:11, Mike Neo:
Hi, I have one global operator and one IX via BGP and I'm wondering whether to set up one bird VM based on vmware HA cluster or two bird VMs without vmware HA cluster but located on separate nodes and connected via iBGP.
Of course, the iBGP connection allows for easy bird/VM updates but may generate potential problems with iBGP and VRRP. However, if there is one bird VM based on the vmware HA cluster, then in the event of a node failure, it is necessary to wait until the machine is restarted on the second node and until the prefixes from peers are loaded.
What are your experiences with this?
Thanks in advance, Mike -- Volodymyr Pidgornyi Digital Telecom-IX LLC Mob.: +380(68)3344222 URL: https://dtel-ix.net
-- Volodymyr Pidgornyi Digital Telecom-IX LLC Mob.: +380(68)3344222 URL: https://dtel-ix.net
Yes, two VMs is the way. But "nothing is wrong" with a "HA" foobar feature of a Cluster. Sure it depends what the Cluster will actually do and how it will behave, and maybe /I/ would not trust VMware, but with ganeti we wanted to bring up certain VMs up on a different node as soon as possible. Also virtual Routers are not bad at all. Depends on their function. We had a couple of x86 boxes at the edge but internally (VPN VM; Tenent Gateways) were all running as a KVM VM. Which is also nice because if your Cluster supports "migrating" then you can even move around a VM in case you need to do hardware maintenance or just applying a kernel update. Good luck, Bernd On 26.02.25 6:53 PM, Alarig Le Lay via Bird-users wrote:
I completely agree. I wouldn’t try to rely on something as shady as virtualisation “HA” when something as simple as iBGP and VRRP is available. I would even try to put my routers outside of any VM.
On Wed 26 Feb 2025 19:23:27 GMT, Volodymyr Pidgornyi wrote:
Hi.
You would not install single bird instance on vmware HA cluster since you'll get sessions flaps when instance restart on falures. Right way is to run two different instances on different cluster nodes with HA deactivated for these instances and setup sessions from each bird instance.
26.02.2025 19:11, Mike Neo:
Hi, I have one global operator and one IX via BGP and I'm wondering whether to set up one bird VM based on vmware HA cluster or two bird VMs without vmware HA cluster but located on separate nodes and connected via iBGP.
Of course, the iBGP connection allows for easy bird/VM updates but may generate potential problems with iBGP and VRRP. However, if there is one bird VM based on the vmware HA cluster, then in the event of a node failure, it is necessary to wait until the machine is restarted on the second node and until the prefixes from peers are loaded.
What are your experiences with this?
Assuming that these will be two Ubuntu VMs with Bird iBGP/eBGP + VRRP, on different hosts, outside the HA cluster and additionally with a passthrough network card for each VM, then in fact it should be no different from two physical routers, also in terms of performance, and in fact gives greater maintenance possibilities, right? Kind regards, Mike śr., 26 lut 2025 o 19:19 Bernd Naumann <bernd@kr217.de> napisał(a):
Yes, two VMs is the way. But "nothing is wrong" with a "HA" foobar feature of a Cluster. Sure it depends what the Cluster will actually do and how it will behave, and maybe /I/ would not trust VMware, but with ganeti we wanted to bring up certain VMs up on a different node as soon as possible. Also virtual Routers are not bad at all. Depends on their function. We had a couple of x86 boxes at the edge but internally (VPN VM; Tenent Gateways) were all running as a KVM VM. Which is also nice because if your Cluster supports "migrating" then you can even move around a VM in case you need to do hardware maintenance or just applying a kernel update.
Good luck, Bernd
On 26.02.25 6:53 PM, Alarig Le Lay via Bird-users wrote:
I completely agree. I wouldn’t try to rely on something as shady as virtualisation “HA” when something as simple as iBGP and VRRP is available. I would even try to put my routers outside of any VM.
On Wed 26 Feb 2025 19:23:27 GMT, Volodymyr Pidgornyi wrote:
Hi.
You would not install single bird instance on vmware HA cluster since you'll get sessions flaps when instance restart on falures. Right way is to run two different instances on different cluster nodes with HA deactivated for these instances and setup sessions from each bird instance.
26.02.2025 19:11, Mike Neo:
Hi, I have one global operator and one IX via BGP and I'm wondering whether to set up one bird VM based on vmware HA cluster or two bird VMs without vmware HA cluster but located on separate nodes and connected via iBGP.
Of course, the iBGP connection allows for easy bird/VM updates but may generate potential problems with iBGP and VRRP. However, if there is one bird VM based on the vmware HA cluster, then in the event of a node failure, it is necessary to wait until the machine is restarted on the second node and until the prefixes from peers are loaded.
What are your experiences with this?
participants (4)
-
Alarig Le Lay -
Bernd Naumann -
Mike Neo -
Volodymyr Pidgornyi