i have 2 routers in my network, R1 and R2. R1 is doing BGP with ISP1 and R2 is doing BGP with ISP2. both R1 and R2 are advertising the exact same a.b.c.d/20 network to their neighbor on BGP.

This setup is working perfectly fine, people can enter reach machines and services inside our network regardless of what route they come in through.

The problem i have now is that R1 is now catering for a specific VLAN. now if a packet is destined for a machine on that VLAN but comes in through R2, then R2 does not know what to do with that packet since it is not connected to the VLAN.

this could probably be fixed by adding static routes, but I want this to happen dynamically so in the future, when introducing more vlans the routing table is updated automatically.

could this problem be fixed with iBGP or OSPF somehow? I am using Quagga routing software

Thanks

You haven't really provided enough information to give the BEST solution, but working with what you have provided keep the following in mind. If you handle on layer 2 you won't need to use a routing protocol but depending on what you're trying to accomplish that might not fit. Also, consider that if R1 is the only path to VLAN10 and R2 is the only path to vlan20 and either fails, you have no true redundancy. R1 and R2 should both have a management IP in each vlan and then you would use VRRP to create a virtual IP that can float back and forth between the two (this would be the gateway for the vlan). Not sure if quagga supports VTP or the likes but if would be nice if you could configure R1/R2 as the VTP server so that you only have to create the vlan once and it would progate to the vtp clients (access layer switches). Of course, this would require that each access layer switch has a layer 2 uplink going to each router. Now, if additional routing is necessary... say that you wanted to have certain interfaces on the switch operate as layer 3 ports, then the access layer switches would need to do ospf with the routers for dynamic updates.
server 1 (vlan scenario) uses gateway that is the vrrp address that floats between r1/r2
server 2 (non-vlan) has a ip range assigned (requires switch1 to be a layer 3 switch) uses the ip of the switch interface as gateway. routing is then required.

Hi,

Making sure that both R1 and R2 are fully connected to every VLAN is something that i have considered. But that in total that makes 3 IP address per VLAN, 1 for R1, 1 for R2, and one floating between them. The number of IP needs to be kept to a minimum. ( This is for a co-location customer.We gave them a small block of IP addresses, told them which one is the gateway IP and the rest they can do whatever they want with)

You mentioned not enough information, let me try to explain further

[isp1] [isp2]
| |
[r1]----[r2]
\ / (these are trunks)
[ switch1 ]
/ \
[server1] [server2]

server1 is connected to the switch on a VLAN10 port. R1 (which is a CentOS machine) is connected to the switch on a trunk port. I have used vconfig to add the interface eth0.10 and then configured that interface to be the gateway for all the machines in VLAN10.

as for the true redundancy part, I am using Linux-HA for the heartbeat between the R1 and R2, so if R1 goes down, R2 will automatically take over all of the IP addresses including the VLAN gateway IP on eth0.10 (keeping the usage of the IP addresses to a minumum)

Going back to the original problem, if packets destined for server1 (on VLAN10) comes in through ISP2 to R2, it does not know what to do with it. currently i have setup a static route on R2

route add -net VLAN10subnet/29 minmum R1

this is solving the problem at the moment, but is not ideal, I need that route to be entered into the routing table dynamically, so if R1 does fail, then that route disappears, since the heartbeat will now make R2 the gateway for the VLAN10 subnet.

Will iBGP setup the dynamic routing? Will I have to use OSPF? I am reluctant to actually do it myself and find out since these routers are live and handling lots of traffic.
(this is my first time dealing with routing protocols, so please be patient with me if missed something obvious here)


Many Thanks

directly connected interfaces have a lower administrative distance than static routes ( at least in the Cisco world). If it works the same in linux, even if you had the static route in R2, once it acquired the interface from R1 via HA, the directly connected route would be the best path to that subnet. The good thing about that is when the interface was removed, the static route back to R1 should still be there.

OSPF will converge faster than BGP. Using either, you will need to create the network statements for the advertisement or redistribute. I would test everything in a non-production environment if possible. If not, make sure the work is done during a service windows and you save configs for roll-back.

Thanks settntrenz, you have been a great help.

Picking up on the the last few things your said

'you will need to create the network statements for the advertisement or redistribute'

Like I mentioned in my earlier post, this is my first time with routing protocols such as BGP and OSPF. Do you think that you could have look at my bgpd.conf file and tell me if the network statements are being done correctly? (this a setup that i inherited, I just made one change for the iBGP)



bgpd.conf from R1

router bgp 100
bgp router-id R1_IPaddr
network IP_Subnet/20
neighbor ISP1_Neighbor remote-as 200
neighbor R2_IPaddr remote-as 100 // added this for the iBGP
neighbor ISP1_Neighbor next-hop-self
neighbor ISP1_Neighbor prefix-list adv-external out
!
ip prefix-list adv-external seq 10 permit IP_Subnet/20
ip prefix-list adv-external seq 100 deny any


bgpd.conf from R2

router bgp 100
bgp router-id R2_IPaddr
network IP_Subnet/20
neighbor ISP2_Neighbor remote-as 300
neighbor R1_IPaddr remote-as 100 // added this for the iBGP
neighbor ISP2_Neighbor next-hop-self
neighbor ISP2_Neighbor prefix-list adv-external out
!
ip prefix-list adv-external seq 10 permit IP_Subnet/20
ip prefix-list adv-external seq 100 deny any



Thanks