官方文档:
https://www.vultr.com/docs/high-availability-on-vultr-with-floating-ip-and-bgp
https://www.vultr.com/docs/configuring-bgp-on-vultr
1、由于我们没有自己的IP段以及自己的BGP ASN号,那么就从官方租赁。
https://my.vultr.com/bgp/
用上面的表格填写资料
这里的路由表宣告,我选择的是Default Only,默认出口只有一个的时候,就选择这个。很多出口可以选择Full Table模式。这里我也不是很清楚。
对了。收到BGP的ASN号和密码以后,所有的VPS需要重启一次,才可以使用BGP。
2、关闭防火墙,关闭enforce
systemctl stop firewalld
sed -i s#SELINUX=enforcing#SELINUX=disable#g /etc/selinux/config
getenforce
3、安装bird
yum -y install bird
yum install net-tools
4、假设第一台服务器的VIP是1.2.3.4,IP是1.1.1.1,第二台服务器的IP是2.2.2.2,当前测试环境为centos7.x
VIP需要你自己去vultr自己租赁一个公网IP,这个IP不可以绑定到其他机器!
第一台服务器的配置:设置开机启动以下命令:chmod +x /etc/rc.d/rc.local把下面的命令,写到/etc/rc.d/rc.local创建一个回环接口,dummy1,关闭回环接口的命令为rmmod dummyip link add dev dummy1 type dummy
ip link set dummy1 up
ip addr add dev dummy1 1.2.3.4/32查看回环接口的IP:# ip addr show dev dummy1
5: dummy1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether ba:23:57:2c:ad:bc brd ff:ff:ff:ff:ff:ff
inet 192.0.2.10/32 scope global dummy15、备份bird默认配置
mv /etc/bird.conf /etc/bird.conf.bak
vi /etc/bird.conf
log "/var/log/bird" all;
router id 1.1.1.1;
protocol device
{
scan time 5;
}
protocol direct
{
interface "dummy1";
}
protocol bgp vultr
{
local as <<YOURAS>>;
source address 1.1.1.1;
import none;
export all;
graceful restart on;
next hop self;
multihop 2;
neighbor 169.254.169.254 as 64515;
password "<<YOURPASSWORD>>";
}YOURAS and YOURPASSWORD 是你之前第一步提交工单,vultr给你的ASN号,以及密码。
6、设置开机启动bird服务:systemctl enable bird.service
这边有一个关键的步骤,service bird start,启动服务,会报错。提示你:unable to connect to server control socket (/var/run/bird.ctl): connection refused
我插了下系统日志/var/log/messages,提示对日志文件/var/log/bird没有权限,所以你这边要先去创建一个这个文件,然后给它赋权777,chmod 777 /var/log/bird
还有一种可能性,就是你的配置文件是错的,那么用下面两条命令可以检查:
bird -p检查你的配置是否有错误服务启动以后,
birdc configure可以保存你的配置
It is now working, I am editing the configuration, and check if they all fine by "", then after I do "birdc configure" to save the configuration in bird.conf.
7、查看服务bird日志:
cat /var/log/bird8、查看bgp状态,要确认有Established状态
Start the BIRD service service bird start, and wait a few seconds. Check that the BGP session has been established:
# birdc show proto all vultr
BIRD 1.5.0 ready.
name proto table state since info
vultr BGP master up 2016-01-15 Established
Preference: 100
Input filter: REJECT
Output filter: ACCEPT
Routes: 0 imported, 1 exported, 0 preferred
Route change stats: received rejected filtered ignored accepted
Import updates: 255919581 0 255919581 0 0
Import withdraws: 1905513 0 --- 257825094 0
Export updates: 1 0 0 --- 1
Export withdraws: 0 --- --- --- 0
BGP state: Established
Neighbor address: 169.254.169.254
Neighbor AS: YOURAS
Neighbor ID: 169.254.169.254
Neighbor caps: refresh enhanced-refresh restart-able AS4
Session: external multihop AS4
Source address: 198.51.100.99
Hold timer: 184/240
Keepalive timer: 30/80
If everything is working properly, you should see "Established" next to BGP state. A common problem here is having a firewall blocking the BGP port (TCP 179). Also, if this instance was deployed before Vultr set up your BGP session, it will need to be restarted via the control panel before BGP is available. If you're still having problems, look at /var/log/bird for further details
查看bgp路由表
birdc show route9、关闭一个dummy接口ip link set dummy1 down10、我们现在来配置第二台服务器:前面的步骤都是一样,唯独在修改bird的配置文件的时候有点区别:vi /etc/bird.conflog "/var/log/bird" all;
router id 2.2.2.2;
protocol device
{
scan time 5;
}
protocol direct
{
interface "dummy1";
}
protocol bgp vultr
{
local as<<YOURAS>>;
source address 2.2.2.2;
import none;
export all;
graceful restart on;
next hop self;
multihop 2;
neighbor 169.254.169.254 as 64515;
password"<<YOURPASSWORD>>";
export filter {
bgp_path.prepend(<<YOURAS>>);
accept;
};
}
11、现在可以测试了
一直长ping VIP 1.2.3.4,然后shutdown第一台服务器的
ip link set dummy1 down
,ping还是可以继续,并不会断。