This looks precisely what I am looking for. Will try it out. Thank you! On Wed, Jun 9, 2021 at 10:42 AM Claudio Jeker <cje...@diehard.n-r-g.com> wrote:
> On Wed, Jun 09, 2021 at 09:57:32AM +0200, open...@kene.nu wrote: > > Hello, > > > > Just a question and maybe a suggestion. I am implementing a few DCs that > > use vxlan symmetric routing and hence, layer2 redundancy protocols like > > CARP (and VRRP/HSRP) do not work as intended due to evpn layer2 being the > > technology of choice to announce ARP entries. > > > > This led me to try out the "depend on carp" functionality that is > available > > on openbgpd. It does what I want, partially. It would be much more usable > > if you cold define what this functionality does in case of a CARP backup > > state. Currently it puts the bgp neighbor into Idle state. However, it > > would be better if one could define that it should as-path prepend and/or > > add a metric (MED) instead. This way, carp failovers would not rely on > the > > tedious and relatively time consuming process of setting up a BGP session > > and announcing prefixes before it can truly be carp master. > > > > WDYT? > > The 'depend on' feature was added to use a CARP cluster as a BGP border > router (e.g. at an IXP that only gives one IP/port). In that case the > backup carp interface is not able to open a TCP session. The backup carp > interface is not reachable and the session would conflict with the master > session. > > What you would like is to add depend on on announcements (network > 10.0.0.0/24 depend on carp0) or probably as a filter (match to group > uplinks depend on carp set med 100). At least this is how I understand > your request. > > -- > :wq Claudio > >
