Hi,
Is AS path prepending on the backup router not an option?
# example
# if bgp_path ~ [= myas =] then
#     bgp_path.prepend(myas);
# accept;
if proto = "static_bgp_v4" then {
    bgp_path.prepend(myas);
    accept;
}
else reject;
Regards,
Gregor Fajdiga
Sistemski administrator, Informatika
System administrator, IT
Delo, d.o.o.
Likozarjeva 1,
SI-1000 Ljubljana
+386 1 4737 993
fajd...@delo.si
www.delo.si <http://www.delo.si>
On 21/01/2022 15:49, Alessandro Brega wrote:
Hello guys,
I have two identically configured routers (bird2, only the local ip is
different), connected to one upstream and a few internal vlans. Each
router has a BGP session with the upstream router. I have a couple of
small local subnets (/27, /28, ..), which are on different vlan
interfaces, which I need to announce to upstream. They all belong to
one big network (/23). As the upstream router doesn't accept routes
smaller than /24, I only announce a single route to the /23 network. I
uploaded my bird configuration https://controlc.com/aa226135.
For completeness: for first hop redundancy (default gateway of the
clients using the small subnets) I use keepalived on my routers, which
works fine so far.
What's the problem:
As both routers announce the same network to upstream, upstream sends
some of its traffic to router1 and some to router2 (but doesn't seem
balanced in any way). This seems to cause (at least) tcp ordering
issues (I suspect, couldn't confirm it in any way), because sometimes
some connections from local client to clients behind the
upstream "hang" for a couple of seconds. If I stop bird on the backup
router (so all traffic only goes to the active one) no hangs occur.
The question:
Is my setup ok or is it (completely) broken? Is it ok to have both
routers announce the same subnets at the same time?
Possible solution I'm thinking about but don't know how to do it:
Both routers should have an active BGP session (for fast failover),
but only the router which is active (and thus has the gateway ips)
should announce the "aggregated" route (the /23). This way no traffic
would go over the backup. But I wonder how this could be configured in
bird? I could configure keepalived to not only create the gateway ips
but also the small subnets (in my current config the subnets are
created by bird). Would this make things easier for bird?
My last resort would be to have keepalived execute scripts which
reconfigure bird on failover. But somehow this feels wrong? Or is this
the way to do it?
Thank you very much for reading and any help. I'm struggling with this
for days now... :-(
Alessandro