BIRD2 for anycast announcing - Tue, Nov 10, 2020
BIRD2 for anycast announcing IPs
I had to come up with a way to easily manage a /32 announcement from some nginx-plus load balancer servers for the office because the networking group couldn’t figure out how to keep an endpoint up across a multisite campus network.
The problem
We needed a single IP address that could be reachable in either of our sites, in case the fiber between them goes out. The backend system sits in both sites and could take the outage, but agents talking to the backend systems needed a unified address to hit that would always be up for them. The networking team didn’t have F5 in both sites, so we couldn’t use those.
What I decided to build
First I needed to decide how to load balance. We already had experience with NGINX-Plus load balancers, so this was an easy choice since we wanted a supported system. Next, how would I have the same address across sites? That would be anycast addressing (announcing the same /32 in each site). BIRD is the standard multi-protocol routing daemon on Linux servers.
Extra Features that aren’t documented
There is a ton of documentation on how to get BIRD set up. The documentation is pretty good too, and that’s how I got my basic configuration up. But I wanted an easy way to remove the announcements without shutting down the software. I decided to have it only announce IPs assigned to a dummy interface, which I call anycast0.
Here’s an example /etc/bird.conf that does this.
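    log syslog all;
    router id <ip address>;

    protocol device {
    }

    protocol bfd {
    }

    # Only addresses on the anycast0 dummy interface become routes.
    protocol direct {
        ipv4;
        interface "anycast0";
    }

    protocol kernel {
        learn;
        persist;
        scan time 20;
        ipv4 {
            import none;
            export filter {
                # direct1 is the name BIRD gives the unnamed direct protocol
                # above; its routes are already in the kernel, so skip them.
                if proto = "direct1" then reject;
                accept;
            };
        };
    }

    protocol bgp peer1 {
        description "Peer1 Name";
        local <source ip> as 65515;
        neighbor <uplinkrouter> as 65500;
        bfd graceful;
        ipv4 {
            # Learn nothing from the uplink router.
            import none;
            export filter {
                # Log each route, then announce it. This accepts every route
                # in the table; with kernel import set to none, only the
                # anycast0 routes are there.
                print "route: ", net, ", ", from, ", ", proto, ", ", bgp_next_hop;
                accept;
            };
        };
        graceful restart;
    }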
This is just the basic configuration for BIRD2. It looks for a device named anycast0 and announces its addresses to all BGP peers (only 1 in this config). If you down the anycast0 interface, BIRD removes the route announcement from the peers within a few seconds.
Since we are running Red Hat 7, I also needed a way to statically configure the anycast0 device:
    nmcli connection add type dummy ifname anycast0 ipv4.method manual ipv4.addresses 100.64.1.1/32 ipv6.method ignore
This creates a dummy interface using NetworkManager that comes up on boot. It is named dummy-anycast0.
    nmcli connection down dummy-anycast0
    nmcli connection up dummy-anycast0
This lets us take down the anycast0 device at any time, which removes the routes. We can then bring the interface back up and have the routes re-announced.
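The manual up/down above can also be driven by a local health probe, so a node whose nginx has stopped answering withdraws its /32 instead of attracting traffic it cannot serve. The script below is an added example, not part of the original post; it goes beyond the manual procedure, and the health URL, the thresholds and the `--watch` argument are assumptions.

```shell
#!/bin/sh
# Added example: health-driven withdraw/re-announce of the anycast /32.
CONN="dummy-anycast0"                    # NetworkManager connection from the page
HEALTH_URL="http://127.0.0.1/healthz"    # assumption: local nginx health endpoint
FAIL_LIMIT=3                             # assumption: failed probes before withdrawing
OK_LIMIT=5                               # assumption: good probes before re-announcing

# decide STATE STREAK PROBE -> prints "NEWSTATE NEWSTREAK ACTION".
# STATE is up|down (is the /32 announced), STREAK counts consecutive probes
# that disagree with STATE. Call it via $(...) so its variables stay local.
decide() {
    state=$1 streak=$2 result=$3
    if [ "$state" = up ] && [ "$result" = fail ]; then
        streak=$((streak + 1))
        if [ "$streak" -ge "$FAIL_LIMIT" ]; then echo "down 0 withdraw"; return; fi
    elif [ "$state" = down ] && [ "$result" = ok ]; then
        streak=$((streak + 1))
        if [ "$streak" -ge "$OK_LIMIT" ]; then echo "up 0 announce"; return; fi
    else
        streak=0    # probe agrees with current state: reset the streak
    fi
    echo "$state $streak none"
}

probe() {
    if curl -fsS -o /dev/null --max-time 2 "$HEALTH_URL"; then echo ok; else echo fail; fi
}

apply() {
    case $1 in
        withdraw) nmcli connection down "$CONN" ;;
        announce) nmcli connection up "$CONN" ;;
    esac
}

watch() {
    if nmcli -t -f NAME connection show --active | grep -qx "$CONN"; then state=up; else state=down; fi
    streak=0
    while :; do
        set -- $(decide "$state" "$streak" "$(probe)")
        # Commit the new state only if nmcli succeeded, so a failed change is retried.
        if apply "$3"; then state=$1; streak=$2; fi
        sleep 2
    done
}

if [ "${1:-}" = "--watch" ]; then watch; fi
```

The re-announce threshold is higher than the withdraw threshold so a flapping backend does not cause the route to flap at the BGP peer.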