Configuring IP Failover over BGP using FRR (Advanced)
Traducciones al EspañolEstamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.
NoteNot all data centers support configuring IP failover over BGP. Review the Configuring Failover on a Compute Instance to learn more about IP Sharing / IP failover availability within each data center.
This guide covers using the open source FRRouting (FRR) tool to configure failover between two Linode Compute Instances. FRR is a routing service that uses BGP to monitor and fail over components in a high availability configuration. These instructions supplement the general Configuring Failover on a Compute Instance guide and are intended as an advanced alternative to lelastic when more control and customization is needed.
Before You Begin
Prior to following this guide, ensure the following has been done on each Compute Instance used within your IP failover strategy.
Read through the Configuring Failover on a Compute Instance guide to learn more about how failover is implemented within Linode Compute.
Set the hostname and update the hosts file for each Compute Instance.
Verify Python3 is installed. See FRR’s official documentation to learn about FRR’s Python dependencies.
Configure Failover
These instructions enable you to configure failover using FRR, which is very configurable and can be used for advanced failover implementation. This guide depends on the general Configuring Failover on a Compute Instance guide for many steps.
To configure failover, complete each section in the order shown:
- Configuring Failover on a Compute Instance > Create and Share the Shared IP Address
- For each Compute Instance:
- Configuring Failover on a Compute Instance > Test Failover
Install FRR
This section provides instructions for installing FRR on Debian, Ubuntu, and CentOS systems through their native package managers. If you’re using a different distribution or prefer to install FRR from source, follow FRR’s official installation instructions to install FRR using git.
Debian and Ubuntu
Supported distributions: Ubuntu 20.04, 18.04, and 16.04 | Debian 11, 10, and 9
Set the FRR environment variable to the version you would like to install. The possible values are
frr-6
,frr-7
,frr-8
, andfrr-stable
, though it is recommended to usefrr-stable
to install the latest stable version.FRRVER="frr-stable"
Note
For more information on FRR versions, see the FRR Debian repository and FRR’s Github Releases.If you’re running an older Debian-based system, you may need to install the packages below, which come default with most modern Debian-based distributions.
sudo apt update && sudo apt install apt-transport-https gnupg
Add FRR’s GPG key:
curl -s https://deb.frrouting.org/frr/keys.asc | sudo apt-key add -
Add FRR’s Debian repository to your system’s source’s list:
echo deb https://deb.frrouting.org/frr $(lsb_release -s -c) $FRRVER | sudo tee -a /etc/apt/sources.list.d/frr.list
Install FRR:
sudo apt install frr frr-pythontools
CentOS/RHEL 7 and 8
Supported distributions: CentOS Stream 9 (and 8), CentOS 8 (and 7), other RHEL derivatives (including AlmaLinux 8, and Rocky Linux 8), and Fedora.
Set the FRR environment variable to the version you would like to install. The possible values are
frr-6
,frr-7
,frr-8
, andfrr-stable
, though it is recommended to usefrr-stable
to install the latest stable version.FRRVER="frr-stable"
Note
For more information on FRR versions, see the FRR RPM repository and FRR’s Github Releases.Add FRR’s RPM repository to your system:
CentOS/RHEL 8
curl -O https://rpm.frrouting.org/repo/$FRRVER-repo-1-0.el8.noarch.rpm sudo dnf install ./$FRRVER*
CentOS/RHEL 7
curl -O https://rpm.frrouting.org/repo/$FRRVER-repo-1-0.el7.noarch.rpm sudo yum install ./$FRRVER*
Install FRR:
CentOS/RHEL 8
sudo dnf install frr frr-pythontools
CentOS/RHEL 7
sudo yum install frr frr-pythontools
Configure FRR
With FRR installed, you can now configure it to enable IP failover.
FRR works using a variety of protocols. Since we’re using FRR for its BGP support, the next step is to explicitly enable the
bgpd
daemon. Using a text editor of your choice, enable thebgpd
daemon by updating its value toyes
in the FRR daemons configuration file:- File: /etc/frr/daemons
1 2 3
# The watchfrr and zebra daemons are always started. # bgpd=yes
Gather the following information, which is required for the next step:
- Shared IP address (
[SHARED_IP]
): The IPv4 address you shared or an address from the IPv6 range that you shared. You can choose any address from the IPv6 range. For example, within the range 2001:db8:e001:1b8c::/64, the address2001:db8:e001:1b8c::1
can be used. - Prefix (
[PREFIX]
): For an IPv4 address, use32
. For an IPv6 address, use either56
or64
depending on the size of the range you are sharing. - Protocol (
[PROTOCOL]
): Useipv4
when sharing an IPv4 address andipv6
when sharing an IPv6 address. - Hostname (
[HOSTNAME]
): The hostname defined on the Compute Instance you are configuring (ex:atl-bgp-1
). - Role (
[ROLE]
): The role of this Compute Instance within your failover strategy.primary
: All requests are routed to this Compute Instance, provided it is accessible.secondary
: If theprimary
instance fails, all requests are routed to this Compute Instance, provided it is accessible.
- Data center ID (
[DC_ID]
): The ID of your data center. See IP Sharing Availability for the corresponding ID.
- Shared IP address (
Edit the
/etc/frr/frr.conf
file and add the following lines. Ensure you replace any instances of[SHARED_IP]
,[HOSTNAME]
,[ROLE]
, and[DC_ID]
as outlined above.- File: /etc/frr/frr.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
hostname [HOSTNAME] router bgp 65001 no bgp ebgp-requires-policy coalesce-time 1000 bgp bestpath as-path multipath-relax neighbor RS peer-group neighbor RS remote-as external neighbor RS ebgp-multihop 10 neighbor RS capability extended-nexthop neighbor 2600:3c0f:[DC_ID]:34::1 peer-group RS neighbor 2600:3c0f:[DC_ID]:34::2 peer-group RS neighbor 2600:3c0f:[DC_ID]:34::3 peer-group RS neighbor 2600:3c0f:[DC_ID]:34::4 peer-group RS address-family [PROTOCOL] unicast network [SHARED_IP]/[PREFIX] route-map [ROLE] redistribute static exit-address-family route-map primary permit 10 set community 65000:1 route-map secondary permit 10 set community 65000:2 ipv6 nht resolve-via-default
Restart the FRR service:
sudo systemctl restart frr
More Information
You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.
This page was originally published on