I am starting with my own AS, got public IPv4/24 and IPv6/44. I have virtual Debian servers running BIRD as BGP daemon, one at each of two sites. On site A, provider 1 gives full table for IPv4/v6. Site B is connected to two IXP where I am peering on route servers and get full table for IPv4/v6 from provider 2 and IPv6-only from provider 3.

Right now I have a GRE tunnel between those two virtual routers and some GRE tunnels from site B to several virtual servers at other datacenters to work with my own IP addresses on those servers. Static routes on site A and B make sure that traffic for my "clients" gets routed from site A to site B (if traffic comes in from provider 1) and from there to the final target.

As you can see, this isn’t very fault tolerant. When site B goes down, everything is broken. I think about connecting my "clients" with a tunnel to site A and site B each and let OSPF do the magic to find the best available route to and from the rest of the world.

The questions I got so far:

  • if I add more virtual BGP servers, there will be more tunnels per client. Is there a more elegant way?
  • if tunnels between the virtual BGP servers and the clients are the way to go, is there any negative effect by using private IP addresses for the tunnels instead of wasting public IP addresses?

I am more than happy to hear your thoughts on how to optimize my setup.

Leave a Reply

Your email address will not be published. Required fields are marked *