BGP/old setup
| Line 19: | Line 19: | ||
Connected to zwinger. | Connected to zwinger. | ||
Escape character is '^]'. | Escape character is '^]'. | ||
| − | + | | |
Hello, this is quagga (version 0.96.5). | Hello, this is quagga (version 0.96.5). | ||
Copyright 1996-2002 Kunihiro Ishiguro. | Copyright 1996-2002 Kunihiro Ishiguro. | ||
| − | + | | |
| − | + | | |
User Access Verification | User Access Verification | ||
| − | + | | |
Password: | Password: | ||
zwinger.wikimedia.org> en | zwinger.wikimedia.org> en | ||
| Line 34: | Line 34: | ||
zwinger.wikimedia.org(config-router)# ex | zwinger.wikimedia.org(config-router)# ex | ||
zwinger.wikimedia.org(config)# ex | zwinger.wikimedia.org(config)# ex | ||
| + | zwinger.wikimedia.org# cop run sta | ||
| + | Configuration saved to /opt/quagga/etc/bgpd.conf | ||
zwinger.wikimedia.org# | zwinger.wikimedia.org# | ||
Do this on both Albert and Zwinger. Do the same on the new internal host, but add Zwinger and Albert as neighbors (using their internal IPs). | Do this on both Albert and Zwinger. Do the same on the new internal host, but add Zwinger and Albert as neighbors (using their internal IPs). | ||
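Review bot: The added `cop run sta` line depends on the CLI's abbreviation matching, and the prose around the transcript never says why the step is there. Spell it out as `copy running-config startup-config`, or add a sentence before the transcript stating that the new neighbor exists only in the running configuration until it is written to /opt/quagga/etc/bgpd.conf.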
Revision as of 10:18, 23 October 2004
To do automatic NAT failover, we use the BGP routing protocol, as implemented by Quagga. The two routers, Zwinger and Albert, run a BGP daemon configured to advertise the default route, 0.0.0.0/0. All internal machines (currently dalembert and goeje) run bgpd and peer with both Zwinger and Albert, getting the default route from either one (Zwinger is weighted lower, so by default they should use that). If either Zwinger or Albert goes down, the BGP connection is dropped and Quagga automatically moves the default route to the remaining host, if needed.
Quagga is divided into two parts, zebra (the main daemon) and bgpd (the BGP implementation). They should be started by:

/opt/quagga/bin/zebra -d
/opt/quagga/bin/bgpd -d

On hosts acting as routers, also do this:

ifconfig eth0:2 207.142.131.216 netmask 255.255.255.255
iptables -t nat -I POSTROUTING -o eth0 -s 10.0.0.0/8 -j SNAT --to 207.142.131.216
(Replace .216 with a spare IP)
To add a new internal host to a router:
[root@zwinger root]# telnet zwinger bgpd
Trying 207.142.131.234...
Connected to zwinger.
Escape character is '^]'.

Hello, this is quagga (version 0.96.5).
Copyright 1996-2002 Kunihiro Ishiguro.

User Access Verification

Password:
zwinger.wikimedia.org> en
Password:
zwinger.wikimedia.org# conf t
zwinger.wikimedia.org(config)# router bgp 64512
zwinger.wikimedia.org(config-router)# neighbor 10.0.0.X remote-as 64512
zwinger.wikimedia.org(config-router)# ex
zwinger.wikimedia.org(config)# ex
zwinger.wikimedia.org# cop run sta
Configuration saved to /opt/quagga/etc/bgpd.conf
zwinger.wikimedia.org#
Do this on both Albert and Zwinger. Do the same on the new internal host, but add Zwinger and Albert as neighbors (using their internal IPs).
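The procedure above only gives failover if every neighbor statement has a counterpart on the other side. The following check is an added example, not part of the original wiki page: it parses bgpd.conf text from each host and reports missing or one-sided peerings. The 10.0.0.x addresses, the sample configs and the function names are constructed for illustration.

```python
import re

ROUTERS = {"10.0.0.1", "10.0.0.2"}  # assumed internal IPs of zwinger and albert

# Constructed bgpd.conf fragments keyed by each host's (assumed) internal IP.
CONFIGS = {
    "10.0.0.1": "router bgp 64512\n neighbor 10.0.0.10 remote-as 64512\n neighbor 10.0.0.11 remote-as 64512\n",
    "10.0.0.2": "router bgp 64512\n neighbor 10.0.0.10 remote-as 64512\n",  # .11 forgotten on this router
    "10.0.0.10": "router bgp 64512\n neighbor 10.0.0.1 remote-as 64512\n neighbor 10.0.0.2 remote-as 64512\n",
    "10.0.0.11": "router bgp 64512\n neighbor 10.0.0.1 remote-as 64512\n neighbor 10.0.0.2 remote-as 64512\n",
}

def parse_bgpd_conf(text):
    """Return (local_as, {neighbor_ip: remote_as}) from bgpd.conf text."""
    local_as, neighbors = None, {}
    for line in text.splitlines():
        line = line.strip()
        if m := re.fullmatch(r"router bgp (\d+)", line):
            local_as = int(m.group(1))
        elif m := re.fullmatch(r"neighbor (\S+) remote-as (\d+)", line):
            neighbors[m.group(1)] = int(m.group(2))
    return local_as, neighbors

def audit(configs, routers):
    """Report missing, mismatched or one-sided neighbor statements."""
    parsed = {ip: parse_bgpd_conf(text) for ip, text in configs.items()}
    problems = []
    for ip, (local_as, neighbors) in sorted(parsed.items()):
        # Routers must list every internal host; internal hosts must list both routers.
        expected = (set(parsed) - routers) if ip in routers else routers
        for peer in sorted(expected - set(neighbors)):
            problems.append(f"{ip}: no neighbor statement for {peer}")
        for peer, remote_as in sorted(neighbors.items()):
            if peer not in parsed:
                problems.append(f"{ip}: neighbor {peer} is not a known host")
            elif parsed[peer][0] != remote_as:
                problems.append(f"{ip}: remote-as {remote_as} for {peer}, peer runs AS {parsed[peer][0]}")
            elif ip not in parsed[peer][1]:
                problems.append(f"{ip}: peers with {peer}, but {peer} has no statement for {ip}")
    return problems

if __name__ == "__main__":
    for problem in audit(CONFIGS, ROUTERS):
        print(problem)
```

With the sample data, the host at 10.0.0.11 has only one working session, so it would lose its default route if the first router went down.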