Hello list,

Even though I have spent some time on BGP and BIRD, I am somehow still a
newbie with the goal to set up a redundant/highly available BGP using BIRD
in the future.
Initially I thought about putting BIRD onto a Linux system with Corosync
and Pacemaker for high availability. The two machines would be connected
also directly for heartbeat communication. This would be an active/standby
setup - but I'm not sure if this is a good idea (physical layout):

  ISP1 ---+  +--- BIRD 1 --- Switch
          |  |      |    \ /
         Switch     |     X
          |  |      |    / \
  ISP2 ---+  +--- BIRD 2 --- Switch

Note that the "X" is just intersected not connected. This brings obviously
a single point of failure: The first switch. My next idea was doubling the
switch which requires of course two physical cables per ISP:

  ISP 1 --- Switch 1 --- BIRD 1 --- Switch
        \ /          \ /   |    \ /
         X            X    |     X
        / \          / \   |    / \
  ISP 2 --- Switch 2 --- BIRD 2 --- Switch

This seems to be...expensive. Even this idea left me with an active/standby
setup at BIRD. So Pacemaker would start BIRD on one of the two servers and
stop it on the other. During maintenance of the servers the active/standby
would be changed to standby/active - but resets all BGP sessions and seems
to be especially disliked by eventually later peering partners. Correct me,
if I am wrong here, please. I also thought about this setup:

  ISP 1 --- BIRD 1 --- Switch
              |    \ /
              |     X
              |    / \
  ISP 2 --- BIRD 2 --- Switch

This actually requires two running BIRDs but leaves me with the question
how to deal with the IP address on the internal side. So in theory I would
have two virtual standard gateways for connected internal equipment?!

Maybe I'm also totally on the wrong road. The basic plan is two different
ISP connections, two Linux systems running BIRD and Corosync with Pacemaker
to achieve high availability - and later some peering partners. I would like
to see a fast automated failover in case a link or a hardware breaks down.

Searching on the Internet brings lots of BSD-based setups with CARP/pfsync
but only a few Linux-based ones, somebody noticed keepalived. So is Corosync
and Pacemaker just the wrong attempt?

Are there some recommendations or best practices on physical and software
structure? Do you run similar setups and what do they look like? What are
you using on the software level - except BIRD? And how long does a failover
take for you? Are you running active/active or active/standby?

I am also looking for hardware recommendations: If I am not completely
mistaken, the above requires (depending on the configuration) up to two full BGP
tables in memory...how much is that for IPv4 and IPv6? How about the CPU? I
can read in various documents that BIRD requires less CPU than others, but
what does less mean in a rough absolute value in GiB for above situation?

Thank you for reading my long e-mail and sorry for taking your time! Feel
also free to just send me some pointers in case I missed some documentation
or other useful links.


Greetings,
  Robert
