You can set krt_prefsrc in bird. If I remember the option name right.

On Wed, Nov 20, 2024, 10:11 hans.heng <hans.h...@zoom.us> wrote:
> > Hi Hans,
> >
> > What about just adding it to your LOCAL_NET list? If it works for the first
> > IP, why it shouldn't work for the other?
>
> Hi Alexander,
>
> You’re right, simply adding it to LOCAL_NET list does work, other hosts then
> can test tcp stream on this new virtual ip.
>
> But what confused me is that how can we add export a routing rule like this:
>
> $ ip route
> default proto bird src 38.145.72.193 metric 32
>         nexthop via 10.105.1.10 dev enp4s0f0 weight 1
>         nexthop via 10.105.1.12 dev enp4s0f1 weight 1
>
> Namely, how this server sends out the traffic using new virtual ip
> 38.145.72.198 as source addr?
>
> Thanks,
> Hans
>
> On Wed, November 20 2024 at 4:03 PM Alexander Zubkov <gr...@qrator.net> wrote:
>
> Hi Hans,
>
> What about just adding it to your LOCAL_NET list? If it works for the
> first IP, why it shouldn't work for the other?
>
> On Wed, Nov 20, 2024 at 8:36 AM Hans Heng via Bird-users <bird-users@network.cz> wrote:
>
>> Hi all!
>>
>> I have a dual-home server, whose connection topology and configuration is
>> described as below.
>>
>>
>> **** Connection Topology and Configuration ****
>>
>> The server has two physical NICs enp4s0f0 and enp4s0f1, which are connected
>> to two separate ports TOR_A and TOR_B on a Top of Rack (TOR) router, each
>> representing a separate BGP session through bgp_A and bgp_B protocol.
>>
>> The server also has a dummy interface named em5, which has a private ip
>> 38.145.72.193/32.
>>
>> Bird kernel protocol exports an ECMP routing rule to kernel as a kernel
>> default routing, and bgp_A/bgp_B protocol export the private ip to my
>> internet, then 38.145.72.193/32 on em5 acts as a public ip.
>>
>>
>> **** My goal ****
>>
>> I want to add another virtual ip on em5, say 38.145.72.198/32,
>> and let this new virtual ip act as a public ip too.
>> Can this requirement be met? If yes, how should I modify the configuration
>> to make BGP advertise this ip over my internet?
>>
>>
>>
>> **** Additional Information on Server ****
>>
>>
>> ## bird setup an ECMP route on 2 phy nics as default route,
>> ## which set source ip to the public ip
>> $ ip route
>> default proto bird src 38.145.72.193 metric 32
>>         nexthop via 10.105.1.10 dev enp4s0f0 weight 1
>>         nexthop via 10.105.1.12 dev enp4s0f1 weight 1
>> 10.105.1.10/31 dev enp4s0f0 proto kernel scope link src 10.105.1.11
>> 10.105.1.12/31 dev enp4s0f1 proto kernel scope link src 10.105.1.13
>>
>>
>> bird> show route all
>> Table master4:
>> 0.0.0.0/0 unicast [bgp_A 2024-11-17] * (100) [AS4212010101i]
>>         via 10.105.1.10 on enp5s0f0
>>         Type: BGP univ
>>         BGP.origin: IGP
>>         BGP.as_path: 4259105001 4212010101
>>         BGP.next_hop: 10.105.1.10
>>         BGP.local_pref: 0
>>     unicast [bgp_B 2024-11-18] (100) [AS4212010101i]
>>         via 10.105.1.12 on enp5s0f1
>>         Type: BGP univ
>>         BGP.origin: IGP
>>         BGP.as_path: 4259205001 4212010101
>>         BGP.next_hop: 10.105.1.12
>>         BGP.local_pref: 0
>> 38.145.72.193/32 unicast [direct1 2024-11-06] * (240)
>>         dev em5
>>         Type: device univ
>>
>>
>>
>>
>> # bird.conf
>> router id 172.18.xxx.yyy;
>> ipv4 table master4;
>>
>> define LOCAL_NET = [ 38.145.72.193/32 ];
>>
>> protocol direct {
>>     ipv4;
>>     interface "em5",-"*";
>> }
>>
>> protocol kernel {
>>     scan time 1;
>>     merge paths yes limit 4;
>>     ipv4 {
>>         import none;
>>         export filter {
>>             if proto = "direct1" then reject;
>>             krt_prefsrc = 38.145.72.193;
>>             accept;
>>         };
>>     };
>> }
>>
>> protocol device {
>>     scan time 1;
>> }
>>
>> protocol bgp bgp_A {
>>     description "TOR A";
>>     local 10.105.1.11 as 4290105101 ; # enp4s0f0
>>     neighbor 10.105.1.10 as 4259105001; # TOR_A
>>     path metric 1;
>>     ipv4 {
>>         import all;
>>         export filter {
>>             if net ~ LOCAL_NET then accept;
>>             else reject;
>>         };
>>         next hop self;
>>     };
>> }
>>
>> protocol bgp bgp_B {
>>     bfd;
>>     description "TOR B";
>>     local 10.105.1.13 as 4290105101 ; # enp4s0f1
>>     neighbor 10.105.1.12 as 4259205001; # TOR_B
>>     default bgp_med 0;
>>     default bgp_local_pref 0;
>>     path metric 1;
>>     ipv4 {
>>         import all;
>>         export filter {
>>             if net ~ LOCAL_NET then accept;
>>             else reject;
>>         };
>>         next hop self;
>>     };
>> }
>>
>>
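
An added illustration of the source-address question in this thread (not part of any message and not BIRD code): on Linux, a route's `src`, which is what `krt_prefsrc` sets, is used only for sockets that have not bound a local address, while replies on an accepted connection keep the address the connection arrived on. It assumes Linux loopback; 127.0.0.1 and 127.0.0.2 are constructed stand-ins for 38.145.72.193 and 38.145.72.198, and the function names are hypothetical.

```python
import socket

# Constructed stand-ins so this runs offline on Linux loopback:
# ROUTE_SRC plays the route's "src" (38.145.72.193 in the thread),
# SECOND_VIP plays the added address (38.145.72.198).
ROUTE_SRC = "127.0.0.1"
SECOND_VIP = "127.0.0.2"
PEER = (ROUTE_SRC, 9)  # UDP connect() sends no packet, so nothing needs to listen


def outbound_source(bind_to=None):
    """Source IP the kernel assigns to a locally originated flow."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        if bind_to:
            s.bind((bind_to, 0))  # an explicit bind wins over the route's src
        s.connect(PEER)           # triggers route lookup and source selection
        return s.getsockname()[0]


def reply_source(dest_ip):
    """Local IP of an accepted TCP connection that arrived on dest_ip."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("0.0.0.0", 0))  # wildcard listener, as most daemons use
        srv.listen(1)
        srv.settimeout(2)
        port = srv.getsockname()[1]
        with socket.create_connection((dest_ip, port), timeout=2):
            conn, _ = srv.accept()
            with conn:
                # Replies leave with this address, not with the route's src.
                return conn.getsockname()[0]


if __name__ == "__main__":
    print("unbound socket   ->", outbound_source())
    print("bound to 2nd VIP ->", outbound_source(SECOND_VIP))
    print("reply to 2nd VIP ->", reply_source(SECOND_VIP))
```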