Official documentation:

https://www.vultr.com/docs/high-availability-on-vultr-with-floating-ip-and-bgp

https://www.vultr.com/docs/configuring-bgp-on-vultr

1. Since we have neither our own IP range nor our own BGP ASN, we rent them from Vultr.

https://my.vultr.com/bgp/

Fill in your details using the form above.


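For the route announcement setting here, I chose Default Only; choose this when there is only one default exit. With many exits you can choose Full Table mode. I am not very clear on this part myself.

By the way: after you receive the BGP ASN and password, all VPS instances need to be restarted once before BGP can be used.

2. Turn off the firewall and SELinux enforcing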

systemctl stop firewalld

sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config

getenforce

3. Install bird

yum -y install bird

yum install net-tools

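4. Assume the first server's VIP is 1.2.3.4 and its IP is 1.1.1.1, the second server's IP is 2.2.2.2, and the test environment is CentOS 7.x

You need to rent the VIP, a public IP, from Vultr yourself. This IP must not be bound to any other machine!

Configuration of the first server:

Make the following commands run at boot:

chmod +x /etc/rc.d/rc.local

Write the commands below into /etc/rc.d/rc.local to create a loopback interface, dummy1. The command to remove the loopback interface is rmmod dummy.

ip link add dev dummy1 type dummy
ip link set dummy1 up
ip addr add dev dummy1 1.2.3.4/32

Check the IP of the loopback interface: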
# ip addr show dev dummy1
5: dummy1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether ba:23:57:2c:ad:bc brd ff:ff:ff:ff:ff:ff
    inet 192.0.2.10/32 scope global dummy1

5. Back up the default bird configuration

mv /etc/bird.conf /etc/bird.conf.bak

vi /etc/bird.conf

log "/var/log/bird" all;

router id 1.1.1.1;

protocol device
{
    scan time 5;
}

protocol direct
{
    interface "dummy1";
}

protocol bgp vultr
{
    local as <<YOURAS>>;
    source address 1.1.1.1;
    import none;
    export all;
    graceful restart on;
    next hop self;
    multihop 2;
    neighbor 169.254.169.254 as 64515;
    password "<<YOURPASSWORD>>";
}

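YOURAS and YOURPASSWORD are the ASN and password that Vultr gave you after you submitted the ticket in step 1.

6. Enable the bird service at boot: systemctl enable bird.service

There is a key step here: starting the service with service bird start reports an error: unable to connect to server control socket (/var/run/bird.ctl): connection refused

I checked the system log /var/log/messages, which said there was no permission on the log file /var/log/bird, so you first need to create this file and then give it mode 777: chmod 777 /var/log/bird

There is another possibility: your configuration file is wrong. The following two commands can be used to check:

bird -p checks your configuration for errors.
After the service has started, birdc configure can save your configuration.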
It is now working, I am editing the configuration, and check if they all
fine by "", then after I do "birdc configure" to save the
configuration in bird.conf.

7. View the bird service log:

cat /var/log/bird

8. Check the BGP status; confirm that the state is Established

Start the BIRD service (service bird start) and wait a few seconds. Check that the BGP session has been established:

# birdc show proto all vultr
BIRD 1.5.0 ready.
name     proto    table    state  since       info
vultr    BGP      master   up     2016-01-15  Established
  Preference:     100
  Input filter:   REJECT
  Output filter:  ACCEPT
  Routes:         0 imported, 1 exported, 0 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
    Import updates:      255919581          0  255919581          0          0
    Import withdraws:      1905513          0        ---  257825094          0
    Export updates:              1          0          0        ---          1
    Export withdraws:            0        ---        ---        ---          0
  BGP state:          Established
    Neighbor address: 169.254.169.254
    Neighbor AS:      YOURAS
    Neighbor ID:      169.254.169.254
    Neighbor caps:    refresh enhanced-refresh restart-able AS4
    Session:          external multihop AS4
    Source address:   198.51.100.99
    Hold timer:       184/240
    Keepalive timer:  30/80

If everything is working properly, you should see "Established" next to BGP state. A common problem here is having a firewall blocking the BGP port (TCP 179). Also, if this instance was deployed before Vultr set up your BGP session, it will need to be restarted via the control panel before BGP is available. If you're still having problems, look at /var/log/bird for further details.
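Added example, not part of the original post: a shell function that turns the birdc output above into a pass/fail check, including the case where the session is Established but the VIP is not exported because dummy1 is down. The function name check_bgp, its exit codes and the two non-healthy samples are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# check_bgp reads `birdc show proto all vultr` output on stdin.
# $1 = expected number of exported routes (default 1: the VIP /32).
# Exit status: 0 healthy, 1 session not Established,
#              2 wrong export count, 3 import filter is not REJECT.
check_bgp() {
    awk -v want="${1:-1}" '
        BEGIN { exported = 0 }
        $1 == "BGP" && $2 == "state:"    { state = $3 }
        $1 == "Input" && $2 == "filter:" { infilter = $3 }
        $1 == "Routes:"                  { exported = $4 + 0 }
        END {
            if (state != "Established") {
                print "DOWN: BGP state is " (state == "" ? "unknown" : state)
                exit 1
            }
            if (infilter != "REJECT") {
                print "WARN: input filter is " infilter ", expected REJECT"
                exit 3
            }
            if (exported != want + 0) {
                print "WARN: " exported " route(s) exported, expected " want
                exit 2
            }
            print "OK: Established, " exported " route(s) exported"
        }'
}

# Trimmed from the birdc output shown in this post.
SAMPLE_UP='vultr    BGP      master   up     2016-01-15  Established
  Input filter:   REJECT
  Routes:         0 imported, 1 exported, 0 preferred
  BGP state:          Established'

# Constructed: session up, dummy1 down, so the VIP is not announced.
SAMPLE_STANDBY='vultr    BGP      master   up     2016-01-15  Established
  Input filter:   REJECT
  Routes:         0 imported, 0 exported, 0 preferred
  BGP state:          Established'

# Constructed: session never reached Established.
SAMPLE_DOWN='vultr    BGP      master   start  2016-01-15  Active
  Input filter:   REJECT
  Routes:         0 imported, 0 exported, 0 preferred
  BGP state:          Active'

# On a real host: birdc show proto all vultr | check_bgp 1
```

Run from cron or a monitoring agent, exit status 2 on the server that should currently hold the VIP means the session is healthy but the address is not being announced.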

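View the BGP routing table

birdc show route

9. Bring down a dummy interface

ip link set dummy1 down

10. Now configure the second server: the earlier steps are all the same; the only difference is in editing the bird configuration file:

vi /etc/bird.conf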

log "/var/log/bird" all;

router id 2.2.2.2;

protocol device
{
    scan time 5;
}

protocol direct
{
    interface "dummy1";
}

protocol bgp vultr
{
    local as <<YOURAS>>;
    source address 2.2.2.2;
    import none;
    export all;
    graceful restart on;
    next hop self;
    multihop 2;
    neighbor 169.254.169.254 as 64515;
    password "<<YOURPASSWORD>>";

    # Prepend our own AS so this server's path is longer and less preferred
    # than the first server's announcement of the same VIP.
    export filter {
        bgp_path.prepend(<<YOURAS>>);
        accept;
    };
}

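11. Now you can test

Keep a continuous ping running against the VIP 1.2.3.4, then take down the interface on the first server:

ip link set dummy1 down

The ping keeps going and is not interrupted.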

05-11 22:51