Hackosis is an Open Blog. You Can Participate.

06 Dec

Routing with Vyatta

Time is getting short before the Cisco 7500 core router is replaced with the open source routing platform Vyatta, as mentioned in a previous post. On top of that, the decision has been made to go ahead and set up redundant, auto-failover Vyatta routers. Also, check out how to throttle bandwidth with the Linux kernel in Vyatta (or any other Linux with a 2.4+ kernel) before I go into more detail.

The Hardware

The hardware has been purchased and received. The setup includes 2 - Dell PowerEdge SC1430s with the following specifications:

  • 2 Quad-core 2.0GHz Xeon Processors
  • 4 GB of 667MHz RAM
  • 2 80GB SATA 3GB/s configured with RAID 1
  • 1 Gbit Onboard NIC
  • 1 Intel 1000PT Gbit PCI Express NIC

You couldn’t ask for an easier install than Vyatta’s, and it went beautifully on this hardware. Vyatta actually certifies Dell 850s and 860s. Seriously, the install procedure with the live CD is as simple as logging in as root, typing

install-system

and answering a few very basic questions. All hardware components were detected including the SAS 5IR Dell RAID PCI Express adapter.

The Software

Nothing has been fully set up yet; it is still a work in progress. BUT these are my plans. There will be a post after the system is up and running about how well everything listed here works.

NOTE: The following assumes you have already set up your ‘real’ IP addresses and static routes.

Automatic IP failover with VRRP

VRRP will be implemented for automatic IP address failover in the event that the primary unit goes down. With VRRP, the ‘real’ IP addresses set on the ethernet interfaces do not function as the main routing addresses; they are just a way to reach each machine over the network. Once VRRP is set up, the 2 (or more) routers share a VIP (virtual IP) that is managed by the VRRP process on each router. The backup router constantly checks that the primary router is up; if it is not, the backup takes over as the master router. Pretty cool, huh?

Example of VRRP Vyatta configuration steps (taken from the Vyatta Configuration Guide - 3.4MB PDF):

Router 1:

set interfaces ethernet eth0 vrrp vrrp-group 99
set interfaces ethernet eth0 vrrp virtual-address 172.16.0.24
set interfaces ethernet eth0 vrrp preempt true
set interfaces ethernet eth0 vrrp priority 150
commit

Router 2:

set interfaces ethernet eth0 vrrp vrrp-group 99
set interfaces ethernet eth0 vrrp virtual-address 172.16.0.24
set interfaces ethernet eth0 vrrp preempt true
set interfaces ethernet eth0 vrrp priority 20
commit

Easy enough to configure. Understanding the whole VRRP process is another story, but luckily Vyatta takes care of configuring VRRP for us when we give it the necessary information.

Route Propagation with eBGP

I chose eBGP over iBGP, since I am not looking for huge scalability and it is slightly easier to configure than iBGP. BGP stands for Border Gateway Protocol and is used to exchange routing information between peers. This will keep the routing information up to date between my redundant Vyatta routers without having to change the routing tables on both machines. In turn, if my primary router fails and the secondary router takes over through VRRP, it will have the most up-to-date routing information. BGP will have to be set up on the ‘real’ IP addresses, not on the VRRP virtual IP, in order to function correctly.

Example of eBGP Vyatta configuration steps (taken from the Vyatta Configuration Guide - 3.4MB PDF):

Router 1:

set protocols bgp peer 88.88.88.2 as 200
set protocols bgp peer 88.88.88.2 local-ip 88.88.88.1
set protocols bgp peer 88.88.88.2 next-hop 88.88.88.1
commit

Router 2:

set protocols bgp peer 99.99.99.2 as 300
set protocols bgp peer 99.99.99.2 local-ip 99.99.99.1
set protocols bgp peer 99.99.99.2 next-hop 99.99.99.1
commit

You can then verify that the eBGP is communicating with the following command:

show bgp peers

I am confident BGP will serve well; it is the most used dynamic routing protocol on the internet today.
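An added example, not from the post or the Vyatta guide: a small Python check for the VRRP blocks above and the note that BGP must use the ‘real’ addresses. It verifies that both routers share the VRRP group and virtual address, have distinct priorities, and that no BGP peer option points at the virtual IP. The function names and the abridged and deliberately broken sample inputs are constructed for illustration.

```python
# Added example: lint two routers' Vyatta 'set' commands for failover mistakes.
VRRP_SHARED = ("vrrp-group", "virtual-address")  # must be identical on both routers

def parse(commands):
    """Split 'set' lines into VRRP settings per interface and BGP peer options."""
    vrrp, bgp = {}, []
    for line in commands.splitlines():
        t = line.split()
        if len(t) == 7 and t[:3] == ["set", "interfaces", "ethernet"] and t[4] == "vrrp":
            vrrp.setdefault(t[3], {})[t[5]] = t[6]
        elif len(t) == 7 and t[:4] == ["set", "protocols", "bgp", "peer"]:
            bgp.append((t[4], t[5], t[6]))  # (peer address, option, value)
    return vrrp, bgp

def check_pair(router1, router2):
    """Return a list of findings for a two-router VRRP + BGP failover pair."""
    (v1, b1), (v2, b2) = parse(router1), parse(router2)
    findings, vips = [], set()
    for ifname in sorted(set(v1) | set(v2)):
        s1, s2 = v1.get(ifname, {}), v2.get(ifname, {})
        for key in VRRP_SHARED:
            if s1.get(key) != s2.get(key):
                findings.append(f"{ifname}: {key} differs ({s1.get(key)} vs {s2.get(key)})")
        if s1.get("priority") == s2.get("priority"):
            findings.append(f"{ifname}: both routers have priority {s1.get('priority')}")
        vips.update(s.get("virtual-address") for s in (s1, s2))
    vips.discard(None)
    for name, bgp in (("router1", b1), ("router2", b2)):
        for peer, option, value in bgp:
            if peer in vips or (option in ("local-ip", "next-hop") and value in vips):
                findings.append(f"{name}: BGP peer {peer} {option} uses VRRP virtual address")
    return findings

def expected_master(router1, router2, ifname="eth0"):
    """VRRP elects the higher priority; equal priorities return None (ambiguous here)."""
    p1, p2 = (int(parse(r)[0][ifname]["priority"]) for r in (router1, router2))
    return None if p1 == p2 else ("router1" if p1 > p2 else "router2")

# Constructed input: the post's commands (abridged), then a deliberately broken router 2.
R1 = """set interfaces ethernet eth0 vrrp vrrp-group 99
set interfaces ethernet eth0 vrrp virtual-address 172.16.0.24
set interfaces ethernet eth0 vrrp priority 150
set protocols bgp peer 88.88.88.2 local-ip 88.88.88.1"""
R2 = R1.replace("priority 150", "priority 20").replace("88.", "99.")
R2_BAD = R2.replace("vrrp-group 99", "vrrp-group 98").replace(
    "local-ip 99.99.99.1", "local-ip 172.16.0.24")

if __name__ == "__main__":
    print(expected_master(R1, R2), check_pair(R1, R2))
    for finding in check_pair(R1, R2_BAD):
        print(finding)
```

Run against the commands as posted, the check reports no findings and names router 1 (priority 150) as the expected master; the broken variant is flagged for the mismatched group and for the BGP session sourced from the virtual IP.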

And there we have redundant routers via VRRP and eBGP with bandwidth control. I plan on setting up a cron job to copy the tc configuration with an SCP command every hour and email on failure (another post, another time). I hope you think about Vyatta as a possible solution for replacing proprietary equipment in your infrastructure. I will give you an update on how this theory works after the solution has been implemented. Feel free to share any routing tips and tricks in the comments, Vyatta related or not.



9 Comments

  1. Allan Leinwand Says:

    Hi Shane -

    Thanks for the posts and config examples. If we can help you out in any way, please let us know. We’re eager to hear your comments and suggestions on the product and think that you’ve found the right way to replace your proprietary equipment!

    Thanks,

    Allan

  2. Vyatta Linux VRRP Limitations | Hackosis Says:

    [...] It has come to my attention that VRRP cannot be implemented on the new Vyatta routers. [...]

  3. Vyatta - No Way for a Null Route | Hackosis Says:

    [...] stop me from implementing Vyatta for our core routing solution. Be sure to take a look at previous posts on Vyatta on Hackosis if you haven’t already. dontstealmyrsshackosis Tags: Bug, [...]

  4. JM Says:

    Hey Shane,

    I just came across the Vyatta product and I’ve been reading about it. It looks promising. I’m interested in using it for BGP with full routing table to load balance and failover across more than 2 providers.

    Please let me know how it’s going with your setup.

    Thanks
    JM

  5. Dave Says:

    Has anyone successfully implemented this?

  6. Shane Says:

    Dave. Thanks for the comment and welcome to my blog.

    This is really possible with Vyatta’s latest release, VC4. There is such an improvement with the VRRP and BGP systems in this release.

    Good luck and if you have any more questions please let me know.

  7. moad Says:

    Hey shane,
    I have some questions about the configuration of routers. I would like to make an application that can copy the configuration from one router (“vyatta”, for example) to another router (vyatta to cisco, for example). For this I use the tftp server to copy the configuration of some router, but the syntax of each router is not the same from one router to another. If you have an idea that can help me, please tell me, just an idea.

    And Good luck
    Thanks.

  8. Shane Says:

    moad,

    This is possible. The config would have to be placed through some sort of ‘syntax converter’. I would just recommend using all the same routing platforms throughout the network.

  9. Harindra Says:

    Please I want to know how can I configure a Virtual Redundant Routing Protocol (VRRP) on LINUX server..
