Page 1 of 1
need help to setup redundant IPv4/IPv6 BGP
Posted: Tue Jun 22, 2021 12:43 am
by benoitc
I have a service that provides me a /48 IPv6 and a /29 IPv4 ranges using BGP. I access to it via 2 ISPs, 1 can open a session directly to it, and the second do it over a GRE tunnel.
They are for now configured in failover mode on one router. But I would like to split both connection over 2 routers (CCR2004) each connected to 2 switches (CRS317) for redundancy. I would like also to be able to share the load between ISPs: a group A that connect to ISP1 mainly and fail over to ISP2, while the other group B connect to ISP2 mainly and fail over ISP1.
Is there any good practice to do it? I was thinking to use VRRP to handle hardware redudancy but how can I configure BGP for it? Does it need some support from my provider? What to ask? Any help is appreciated :)
Re: need help to setup redundant IPv4/IPv6 BGP
Posted: Tue Jun 22, 2021 7:24 am
by wearfear
Do you have you own AS for your /29 and /48 ?
Are you natting at this point ?
Are you running GRE with the same router you have the directly connected BGP session to ?
Sharing the load will probably be difficult if you are gonna source your traffic from the same addresses on both routers as you can't guarantee return traffic will return to the router that forwards you initial session. It all depends on how your ISP is routing your addresses to your routers though. If you split up your /29 into /32 and assign your external addresses (you can use an RFC1918 address for this if your ISP allows it, they might not wanna fiddle with their VRF for internet to prevent an RFC1918 address being advertised in their routing table) to the routers and make your ISP route each of the /32 to your routers.
You can maybe also be able to advertise your different /32 for each routers with different Local Preferences to force traffic to the different routers. (This would be prefered solution)
It really depends on how far your ISP can go.
With VRRP you'll be able to load balance per VLAN only, but make it redundant also.
You'll be able to use route rules to send their traffic to each router based on their source address.
Does it make kinda sense : P ?
Re: need help to setup redundant IPv4/IPv6 BGP
Posted: Tue Jun 22, 2021 9:20 am
by benoitc
Do you have you own AS for your /29 and /48 ?
Are you natting at this point ?
Are you running GRE with the same router you have the directly connected BGP session to ?
Sharing the load will probably be difficult if you are gonna source your traffic from the same addresses on both routers as you can't guarantee return traffic will return to the router that forwards you initial session. It all depends on how your ISP is routing your addresses to your routers though. If you split up your /29 into /32 and assign your external addresses (you can use an RFC1918 address for this if your ISP allows it, they might not wanna fiddle with their VRF for internet to prevent an RFC1918 address being advertised in their routing table) to the routers and make your ISP route each of the /32 to your routers.
You can maybe also be able to advertise your different /32 for each routers with different Local Preferences to force traffic to the different routers. (This would be prefered solution)
It really depends on how far your ISP can go.
With VRRP you'll be able to load balance per VLAN only, but make it redundant also.
You'll be able to use route rules to send their traffic to each router based on their source address.
Does it make kinda sense : P ?
Thanks for the answer. This is an internal AS for now so the ISP above take care about advertising it on the net.
If I read you you’re suggesting to split the prefixes between the 2 groups? and ensure the subprefixes goes out by a 1 router at a time so the ISP can eventually merge them?
I don’t expect to do NAT at this level. The routers will be just here to pass the data. Originally I was thinking each machines begind a router could advertise its own ip. The real goal of it is to prevent teh case one remote dc or a link to it is down. Do you have any configuration to share, that would be very helpful .
Re: need help to setup redundant IPv4/IPv6 BGP
Posted: Tue Jun 22, 2021 11:16 pm
by wearfear
Hey.
Yes that is correct, advertising them as /32's split between your two routers with different local preferences should be possible to make it load balance and redundant.
Though, since your default gateway is set to the same PE router, you have to make sure where your bandwidth is limited for your load balance to work properly.
Uhm, don't really wanna make a setup for it to make some configuration as i'm not sure how you're hooked up to your ISP ><.
Are you peering to the same IP address on both your routers ?
Do you use an RFC1918 address for your links to your ISP or are you using your /29 for this ?
Re: need help to setup redundant IPv4/IPv6 BGP
Posted: Wed Jun 23, 2021 2:33 pm
by benoitc
Hey.
Yes that is correct, advertising them as /32's split between your two routers with different local preferences should be possible to make it load balance and redundant.
Though, since your default gateway is set to the same PE router, you have to make sure where your bandwidth is limited for your load balance to work properly.
Uhm, don't really wanna make a setup for it to make some configuration as i'm not sure how you're hooked up to your ISP ><.
Are you peering to the same IP address on both your routers ?
Do you use an RFC1918 address for your links to your ISP or are you using your /29 for this ?
Thanks for the confirmation. both routers are peering to different IPs using privates ips different from the /29. I will play a little with the config there, this will make my first constructive post right after I guess :)