Hi all, I’m looking for best practices and design recommendations for using Keepalived (VRRP) in a setup with two BIRD-based routers running iBGP between each other. Setup overview - Two routers (R1 and R2), both running BIRD based on debian repo - Direct interconnection via eno1 (1GE Base-T) used for iBGP session - Each router has its own uplink and independent eBGP session - There is a single IX service currently connected to R1 - Goal: ensure failover to R2 (via Keepalived/VRRP) if R1 goes down Questions 1. VRRP traffic design What is the recommended approach for VRRP packets in this kind of setup? - Should VRRP run over a dedicated VLAN on the inter-router link (eno1)? - Or is it better to run VRRP on the same interface where the VIP is configured (e.g., gateway interface for downstream hosts), possibly using a separate VLAN there? I’m trying to understand what is considered cleaner and more robust in production environments. 2. Track scripts – best practices What are the best practices when using track_script in Keepalived? - What should be monitored in a BGP/BIRD context? - BGP session state? - Reachability (e.g., upstream via ping)? - Interface/link state? - IX availability? - How do you typically avoid false positives / flapping? - Any recommended patterns for integrating BIRD state with Keepalived? 3. Failover strategy for IX service Given that: - Only R1 is physically connected to the IX - Both routers participate in BGP and exchange routes via iBGP What is the recommended way to ensure that: • Traffic and VIP failover cleanly to R2 • And ideally, the IX connectivity (logically) follows to R2 during failure? Is this typically handled purely via VRRP + routing changes, or are there additional mechanisms commonly used? Any real-world examples, configuration snippets, or design insights would be greatly appreciated. Thanks! Mike