我是只肥兔子起因,家里的网络最近莫名其妙的开始阻断,恢复时间不等,故做了简单的网络备份,此篇文章进行相关记录
1.网络结构
backup 1 node(10.2.0.1)——————–|
(10.1.0.3) |
| |
| (proxy ip 10.0.0.1/32) (10.2.0.2)
proxy main node(10.1.0.1)—-(10.1.0.2)home
| (10.3.0.2)
| |
(10.1.0.4) |
backup 2 node (10.3.0.1)——————–|
2.简单运行逻辑
所有备份的节点需要和proxy main node和home连接(笔者使用wireguard连接),同时建立bgp时,启用rr(路由反射),启用bfd
proxy main node宣告路由10.0.0.1/32,启用bfd
home设置backup node路由权重(此处使用weight属性),启用bfd
设置完成后,当proxy main node与home的链路出现问题,将会毫秒级切换至其他backup node至proxy main node。
3.配置过程
proxy main node:
bfd profile bgpcheck detect-multiplier 2 exit ! exit router bgp 59598 neighbor 10.1.0.2 remote-as 59598 neighbor 10.1.0.2 bfd profile bgpcheck neighbor 10.1.0.3 remote-as 59598 neighbor 10.1.0.4 remote-as 59598
backup 1 node:
bfd profile bgpcheck detect-multiplier 2 exit ! exit router bgp 59598 neighbor 10.1.0.1 remote-as 59598 neighbor 10.2.0.2 remote-as 59598 neighbor 10.2.0.2 bfd profile bgpcheck address-family ipv4 unicast neighbor 10.2.0.2 route-reflector-client exit-address-family exit
backup 2 node:
bfd profile bgpcheck detect-multiplier 2 exit ! exit router bgp 59598 neighbor 10.1.0.1 remote-as 59598 neighbor 10.3.0.2 remote-as 59598 neighbor 10.3.0.2 bfd profile bgpcheck address-family ipv4 unicast neighbor 10.3.0.2 route-reflector-client exit-address-family exit
home:
bfd profile bgpcheck detect-multiplier 2 exit ! exit route-map main-node-in permit 10 set ip next-hop peer-address set weight 1000 exit route-map backup-1-node-in permit 10 set ip next-hop peer-address set weight 999 exit route-map backup-2-node-in permit 10 set ip next-hop peer-address set weight 998 exit router bgp 59598 neighbor 10.1.0.1 remote-as 59598 neighbor 10.1.0.1 bfd profile bgpcheck neighbor 10.2.0.1 remote-as 59598 neighbor 10.2.0.1 bfd profile bgpcheck neighbor 10.3.0.1 remote-as 59598 neighbor 10.3.0.1 bfd profile bgpcheck address-family ipv4 unicast neighbor 10.1.0.1 route-map main-node-in in neighbor 10.2.0.1 route-map backup-1-node-in in neighbor 10.3.0.1 route-map backup-2-node-in in exit-address-family exit