BGP Multihoming Failover using VRRP - MUM - MikroTik User...
-
Upload
nguyenliem -
Category
Documents
-
view
307 -
download
7
Transcript of BGP Multihoming Failover using VRRP - MUM - MikroTik User...
![Page 1: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/1.jpg)
NETWIRE.CA
BGP Multihoming&
Failover using VRRPHani Rahrouh
[email protected] Canadian MUMOctober 19th, 2015 Montreal, Canada
![Page 2: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/2.jpg)
About me• Hani Rahrouh
• MikroTik Certified since 2008
• MikroTik Consultant
• MikroTik Certified Trainer Since 2011 @ www.wirelessnetware.ca
http://www.mikrotik.com/training/partners/northamerica/canada
• MikroTik Distributor @ www.netwire.ca
![Page 3: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/3.jpg)
Come to our free MikroTik workshops and Events
Come join us for free workshop.We know MikroTik RouterBOARDs and RouterOS, so we can answer all your questions and help you learn
more about the things you’re interested in.
www.wirelessnetware.ca
![Page 4: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/4.jpg)
OverviewFully redundant fault tolerant internet
connectivity
• BGP Multi-homingWhy Multi-home?How to Multi-home?
• Dynamic Failover using VRRP• Manual Failover • Monitoring
![Page 5: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/5.jpg)
NETWIRE.CA
Everything about reliability and redundancy
![Page 6: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/6.jpg)
Two of everything
![Page 7: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/7.jpg)
NETWIRE.CA
VRRP
![Page 8: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/8.jpg)
Redundant Router(GW)Virtual Router Redundancy Protocol (VRRP)
![Page 9: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/9.jpg)
Gateway FailedRedundant gateway!
![Page 10: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/10.jpg)
Is VRRP a good idea when we have connection-tracking
enable on the routers!
![Page 11: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/11.jpg)
Problems
• ARPTraffic originated by a VRRP cluster uses a Virtual MAC address of the form 00-00-5e-00-01-<VRID>.
• Connection-Tracking
• Gateway failed
![Page 12: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/12.jpg)
Redundant GatewayBGP Multi-Homing
![Page 13: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/13.jpg)
Why Multi-home and Why would I want it?
It’s all about:Redundancy ”Fail-over”Diversity Reliability
![Page 14: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/14.jpg)
Why Multi-home?
Redundancy ”Fail-over”One connection to internet means the network is depend on: • Local Router (Configuration, RouterOS and
RouterBOARD)• WAN Media (physical failure, carrier failure)
![Page 15: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/15.jpg)
Why Multi-home?
Reliability• Business critical applications demand
continuously availability• Lack of redundancy implies lack of reliability
implies loss of revenue
![Page 16: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/16.jpg)
Problems
• Connection tracking is unable to keep valid track of connections with multi-homed BGP
• ARP Table Refresh periods• Client gateway failure• Downtime• Hardware failure
![Page 17: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/17.jpg)
Fully redundant fault tolerant internet connectivity
![Page 18: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/18.jpg)
ProviderCore
DistributionAccess
???
![Page 19: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/19.jpg)
Multi-homing Definition
Multi-link “ External” to local network
• Two or more link to the same ISP
• Multiple Interfaces, Single IP address per interface
• Two or more link to different ISPs
![Page 20: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/20.jpg)
Best path selection
• Lowest MED (default 0)
• Prefer the route with lowest router ID or ORIGINATOR_ID
![Page 21: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/21.jpg)
Two or more link to the same ISP• Multiple Links, Single IP address (space)
• Multiple Links, Multiple IP address (spaces)
Main Backup
![Page 22: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/22.jpg)
How to Multi-home
• Basic Multihoming
• Multi-home with the same ISP
![Page 23: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/23.jpg)
Basic MultihomingMulti-homing to the same ISP
(One as backup only)
• Use private AS (AS>64511)
• There is no need for public ASN
• AS100 “ the provider AS” removes private AS and any customer sub-prefixes from internet announcement
![Page 24: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/24.jpg)
Two link to the same ISP• Announce /24 aggregate on each link
Main link network: announce /24 Backup link network: announce /24 with increased metric
• When one link fails, the announcement of /24 aggregate via the backup link ensure continued connectivity.
![Page 25: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/25.jpg)
Two link to the same
ISP
Main Router Configuration
![Page 26: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/26.jpg)
Two link to the same ISP1
23
![Page 27: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/27.jpg)
Two link to the same ISP1
2
3
4
• Lower metric is preferred
• Exchanged between AS and used to make decision inside that AS, not passed to third AS.
• Ignored if received from different ASs
![Page 28: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/28.jpg)
Two link to the same ISP
Used to hint an external neighbour about path preference into an AS
1
2
3
![Page 29: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/29.jpg)
Two link to the same
ISP
Backup Router Configuration
![Page 30: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/30.jpg)
Two link to the same ISP1
32
![Page 31: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/31.jpg)
Two link to the same ISP1
2
3
• Lower metric is preferred
• Exchanged between AS and used to make decision inside that AS, not passed to third AS.
• Ignored if received from different ASs
4
![Page 32: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/32.jpg)
Two link to the same ISP
Used to hint an external neighbour about path preference into an AS
1
3
2
![Page 33: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/33.jpg)
D- Dynamic A- Active b- BGP MED=50
D- Dynamic b- BGP
Main interface
Backup interface
![Page 34: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/34.jpg)
VRRPEnable VRRP configuration
on Core layer network
![Page 35: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/35.jpg)
NETWIRE.CA
VRRP Setup on main Router
123
4 5
![Page 36: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/36.jpg)
NETWIRE.CA
VRRP Setup on backup Router
12
3 4
![Page 37: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/37.jpg)
Failed
Main Router Backup Router
![Page 38: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/38.jpg)
Problems
• Router crash!• Interface failure
![Page 39: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/39.jpg)
NETWIRE.CA
SolutionsMonitoring• E-mail notification• SMSAccess Router
![Page 40: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/40.jpg)
Access Router
![Page 41: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/41.jpg)
The-DudeThe Dude is free of charge!
![Page 42: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/42.jpg)
Question?
![Page 43: BGP Multihoming Failover using VRRP - MUM - MikroTik User ...mum.mikrotik.com/presentations/CA15/presentation_2958_1447077137.pdf · NETWIRE.CA BGP Multihoming & Failover using VRRP](https://reader031.fdocuments.in/reader031/viewer/2022012307/5c5fb10209d3f26c398b4668/html5/thumbnails/43.jpg)
Enjoy!