Configuring IP Failover over BGP using FRR (Advanced)

Traducciones al Español
Estamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.
Create a Linode account to try this guide with a $ credit.
This credit will be applied to any valid services used during your first  days.
Note
Not all data centers support configuring IP failover over BGP. Review the Configuring Failover on a Compute Instance to learn more about IP Sharing / IP failover availability within each data center.

This guide covers using the open source FRRouting (FRR) tool to configure failover between two Linode Compute Instances. FRR is a routing service that uses BGP to monitor and fail over components in a high availability configuration. These instructions supplement the general Configuring Failover on a Compute Instance guide and are intended as an advanced alternative to lelastic when more control and customization is needed.

Before You Begin

Prior to following this guide, ensure the following has been done on each Compute Instance used within your IP failover strategy.

  1. Read through the Configuring Failover on a Compute Instance guide to learn more about how failover is implemented within Linode Compute.

  2. Set the hostname and update the hosts file for each Compute Instance.

  3. Verify Python3 is installed. See FRR’s official documentation to learn about FRR’s Python dependencies.

Configure Failover

These instructions enable you to configure failover using FRR, which is very configurable and can be used for advanced failover implementation. This guide depends on the general Configuring Failover on a Compute Instance guide for many steps.

To configure failover, complete each section in the order shown:

  1. Configuring Failover on a Compute Instance > Create and Share the Shared IP Address
  2. For each Compute Instance:
  3. Configuring Failover on a Compute Instance > Test Failover

Install FRR

This section provides instructions for installing FRR on Debian, Ubuntu, and CentOS systems through their native package managers. If you’re using a different distribution or prefer to install FRR from source, follow FRR’s official installation instructions to install FRR using git.

Debian and Ubuntu

Supported distributions: Ubuntu 20.04, 18.04, and 16.04 | Debian 11, 10, and 9

  1. Set the FRR environment variable to the version you would like to install. The possible values are frr-6, frr-7, frr-8, and frr-stable, though it is recommended to use frr-stable to install the latest stable version.

    FRRVER="frr-stable"
    
    Note
    For more information on FRR versions, see the FRR Debian repository and FRR’s Github Releases.
  2. If you’re running an older Debian-based system, you may need to install the packages below, which come default with most modern Debian-based distributions.

    sudo apt update && sudo apt install apt-transport-https gnupg
    
  3. Add FRR’s GPG key:

    curl -s https://deb.frrouting.org/frr/keys.asc | sudo apt-key add -
    
  4. Add FRR’s Debian repository to your system’s source’s list:

    echo deb https://deb.frrouting.org/frr $(lsb_release -s -c) $FRRVER | sudo tee -a /etc/apt/sources.list.d/frr.list
    
  5. Install FRR:

    sudo apt install frr frr-pythontools
    

CentOS/RHEL 7 and 8

Supported distributions: CentOS Stream 9 (and 8), CentOS 8 (and 7), other RHEL derivatives (including AlmaLinux 8, and Rocky Linux 8), and Fedora.

  1. Set the FRR environment variable to the version you would like to install. The possible values are frr-6, frr-7, frr-8, and frr-stable, though it is recommended to use frr-stable to install the latest stable version.

    FRRVER="frr-stable"
    
    Note
    For more information on FRR versions, see the FRR RPM repository and FRR’s Github Releases.
  2. Add FRR’s RPM repository to your system:

    • CentOS/RHEL 8

      curl -O https://rpm.frrouting.org/repo/$FRRVER-repo-1-0.el8.noarch.rpm
      sudo dnf install ./$FRRVER*
      
    • CentOS/RHEL 7

      curl -O https://rpm.frrouting.org/repo/$FRRVER-repo-1-0.el7.noarch.rpm
      sudo yum install ./$FRRVER*
      
  3. Install FRR:

    • CentOS/RHEL 8

      sudo dnf install frr frr-pythontools
      
    • CentOS/RHEL 7

      sudo yum install frr frr-pythontools
      

Configure FRR

With FRR installed, you can now configure it to enable IP failover.

  1. FRR works using a variety of protocols. Since we’re using FRR for its BGP support, the next step is to explicitly enable the bgpd daemon. Using a text editor of your choice, enable the bgpd daemon by updating its value to yes in the FRR daemons configuration file:

    File: /etc/frr/daemons
    1
    2
    3
    
    # The watchfrr and zebra daemons are always started.
    #
    bgpd=yes
  2. Gather the following information, which is required for the next step:

    • Shared IP address ([SHARED_IP]): The IPv4 address you shared or an address from the IPv6 range that you shared. You can choose any address from the IPv6 range. For example, within the range 2001:db8:e001:1b8c::/64, the address 2001:db8:e001:1b8c::1 can be used.
    • Prefix ([PREFIX]): For an IPv4 address, use 32. For an IPv6 address, use either 56 or 64 depending on the size of the range you are sharing.
    • Protocol ([PROTOCOL]): Use ipv4 when sharing an IPv4 address and ipv6 when sharing an IPv6 address.
    • Hostname ([HOSTNAME]): The hostname defined on the Compute Instance you are configuring (ex: atl-bgp-1).
    • Role ([ROLE]): The role of this Compute Instance within your failover strategy.
      • primary: All requests are routed to this Compute Instance, provided it is accessible.
      • secondary: If the primary instance fails, all requests are routed to this Compute Instance, provided it is accessible.
    • Data center ID ([DC_ID]): The ID of your data center. See IP Sharing Availability for the corresponding ID.
  3. Edit the /etc/frr/frr.conf file and add the following lines. Ensure you replace any instances of [SHARED_IP], [HOSTNAME], [ROLE], and [DC_ID] as outlined above.

    File: /etc/frr/frr.conf
     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    
    hostname [HOSTNAME]
    
    router bgp 65001
    no bgp ebgp-requires-policy
    coalesce-time 1000
    bgp bestpath as-path multipath-relax
    neighbor RS peer-group
    neighbor RS remote-as external
    neighbor RS ebgp-multihop 10
    neighbor RS capability extended-nexthop
    neighbor 2600:3c0f:[DC_ID]:34::1 peer-group RS
    neighbor 2600:3c0f:[DC_ID]:34::2 peer-group RS
    neighbor 2600:3c0f:[DC_ID]:34::3 peer-group RS
    neighbor 2600:3c0f:[DC_ID]:34::4 peer-group RS
    
    address-family [PROTOCOL] unicast
      network [SHARED_IP]/[PREFIX] route-map [ROLE]
      redistribute static
    exit-address-family
    
    route-map primary permit 10
      set community 65000:1
    route-map secondary permit 10
      set community 65000:2
    
    ipv6 nht resolve-via-default
  4. Restart the FRR service:

    sudo systemctl restart frr

More Information

You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.

This page was originally published on


Your Feedback Is Important

Let us know if this guide was helpful to you.


Join the conversation.
Read other comments or post your own below. Comments must be respectful, constructive, and relevant to the topic of the guide. Do not post external links or advertisements. Before posting, consider if your comment would be better addressed by contacting our Support team or asking on our Community Site.