Community discussions

MikroTik App
 
benoitc
Member Candidate
Member Candidate
Topic Author
Posts: 169
Joined: Wed Jul 08, 2020 12:33 am

need help to setup redundant IPv4/IPv6 BGP

Tue Jun 22, 2021 12:43 am

I have a service that provides me a /48 IPv6 and a /29 IPv4 ranges using BGP. I access to it via 2 ISPs, 1 can open a session directly to it, and the second do it over a GRE tunnel.

They are for now configured in failover mode on one router. But I would like to split both connection over 2 routers (CCR2004) each connected to 2 switches (CRS317) for redundancy. I would like also to be able to share the load between ISPs: a group A that connect to ISP1 mainly and fail over to ISP2, while the other group B connect to ISP2 mainly and fail over ISP1.

Is there any good practice to do it? I was thinking to use VRRP to handle hardware redudancy but how can I configure BGP for it? Does it need some support from my provider? What to ask? Any help is appreciated :)
 
wearfear
just joined
Posts: 13
Joined: Wed Aug 29, 2018 3:09 pm

Re: need help to setup redundant IPv4/IPv6 BGP

Tue Jun 22, 2021 7:24 am

Do you have you own AS for your /29 and /48 ?
Are you natting at this point ?
Are you running GRE with the same router you have the directly connected BGP session to ?

Sharing the load will probably be difficult if you are gonna source your traffic from the same addresses on both routers as you can't guarantee return traffic will return to the router that forwards you initial session. It all depends on how your ISP is routing your addresses to your routers though. If you split up your /29 into /32 and assign your external addresses (you can use an RFC1918 address for this if your ISP allows it, they might not wanna fiddle with their VRF for internet to prevent an RFC1918 address being advertised in their routing table) to the routers and make your ISP route each of the /32 to your routers.

You can maybe also be able to advertise your different /32 for each routers with different Local Preferences to force traffic to the different routers. (This would be prefered solution)

It really depends on how far your ISP can go.

With VRRP you'll be able to load balance per VLAN only, but make it redundant also.
You'll be able to use route rules to send their traffic to each router based on their source address.

Does it make kinda sense : P ?
 
benoitc
Member Candidate
Member Candidate
Topic Author
Posts: 169
Joined: Wed Jul 08, 2020 12:33 am

Re: need help to setup redundant IPv4/IPv6 BGP

Tue Jun 22, 2021 9:20 am

Do you have you own AS for your /29 and /48 ?
Are you natting at this point ?
Are you running GRE with the same router you have the directly connected BGP session to ?

Sharing the load will probably be difficult if you are gonna source your traffic from the same addresses on both routers as you can't guarantee return traffic will return to the router that forwards you initial session. It all depends on how your ISP is routing your addresses to your routers though. If you split up your /29 into /32 and assign your external addresses (you can use an RFC1918 address for this if your ISP allows it, they might not wanna fiddle with their VRF for internet to prevent an RFC1918 address being advertised in their routing table) to the routers and make your ISP route each of the /32 to your routers.

You can maybe also be able to advertise your different /32 for each routers with different Local Preferences to force traffic to the different routers. (This would be prefered solution)

It really depends on how far your ISP can go.

With VRRP you'll be able to load balance per VLAN only, but make it redundant also.
You'll be able to use route rules to send their traffic to each router based on their source address.

Does it make kinda sense : P ?
Thanks for the answer. This is an internal AS for now so the ISP above take care about advertising it on the net.

If I read you you’re suggesting to split the prefixes between the 2 groups? and ensure the subprefixes goes out by a 1 router at a time so the ISP can eventually merge them?

I don’t expect to do NAT at this level. The routers will be just here to pass the data. Originally I was thinking each machines begind a router could advertise its own ip. The real goal of it is to prevent teh case one remote dc or a link to it is down. Do you have any configuration to share, that would be very helpful .
 
wearfear
just joined
Posts: 13
Joined: Wed Aug 29, 2018 3:09 pm

Re: need help to setup redundant IPv4/IPv6 BGP

Tue Jun 22, 2021 11:16 pm

Hey.

Yes that is correct, advertising them as /32's split between your two routers with different local preferences should be possible to make it load balance and redundant.
Though, since your default gateway is set to the same PE router, you have to make sure where your bandwidth is limited for your load balance to work properly.

Uhm, don't really wanna make a setup for it to make some configuration as i'm not sure how you're hooked up to your ISP ><.

Are you peering to the same IP address on both your routers ?
Do you use an RFC1918 address for your links to your ISP or are you using your /29 for this ?
 
benoitc
Member Candidate
Member Candidate
Topic Author
Posts: 169
Joined: Wed Jul 08, 2020 12:33 am

Re: need help to setup redundant IPv4/IPv6 BGP

Wed Jun 23, 2021 2:33 pm

Hey.

Yes that is correct, advertising them as /32's split between your two routers with different local preferences should be possible to make it load balance and redundant.
Though, since your default gateway is set to the same PE router, you have to make sure where your bandwidth is limited for your load balance to work properly.

Uhm, don't really wanna make a setup for it to make some configuration as i'm not sure how you're hooked up to your ISP ><.

Are you peering to the same IP address on both your routers ?
Do you use an RFC1918 address for your links to your ISP or are you using your /29 for this ?
Thanks for the confirmation. both routers are peering to different IPs using privates ips different from the /29. I will play a little with the config there, this will make my first constructive post right after I guess :)

Who is online

Users browsing this forum: No registered users and 12 guests