Ajayraj1
May 10, 2025

BGP Over 2 VLANs to 2 Network Switches

Hi,

I'm testing a new design for LTM, where the BIG-IP will have 2 transit VLANs to switch A and switch B, and then I'll establish BGP over them. The switches will advertise a default route to the BIG-IP, and the BIG-IP will advertise the VIP and SNAT to the switches. I use SNAT for the VIP since traffic should not drop when a switch fails. The way I'm advertising the SNATs is by creating them as virtual servers of forwarding IP type with loose close and initiation enabled, and the VIP is configured as standard type with this SNAT. These will be advertised to BGP from the kernel. I enabled connection mirroring for this VIP, and disabled Auto Last Hop globally and VLAN-keyed connections. My expectation is that connections to the VIP don't drop when a switch fails or during a BIG-IP failover. And with BGP I disabled graceful restart and enabled BFD. This works with what I did so far. My question is whether there is something I should think about before implementing in production, or anything that I can do to make this better. Is my approach of advertising the SNAT as a forwarding IP VS correct?

I want to take a similar approach with GTM as well, and I'm wondering whether I should create a non-floating self IP, like a loopback, for the listener and SNAT to the backend VIP?

2 Replies

  • Do you have a diagram? I think I understand what you are trying to do, but a diagram would help. :-)

  • Why 2 transit VLANs?
    Isn't it simpler to advertise the virtual server subnet with the next hop being the floating self IP in 1 transit VLAN? During a failover or switch failure there is no routing recalculation, only L2 ARP.
    In ZebOS you can create a static route for the SNAT pool addresses to be sent to Null. This will inject them into the BGP route table without the need to create a useless virtual server.

    Some BGP config snippets:
    ! for SNAT pool addresses
    ip route 10.10.10.104/29 Null

    route-map NEXTHOP permit 10
     ! this is your floating self IP in the transit VLAN
     set ip next-hop 10.10.105.195 primary
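
A pre-production sanity check for the two snippets in the reply above, added here as an example and not posted by anyone in the thread: it confirms every SNAT address falls inside a Null-routed prefix and that the route-map's next hop sits in the transit VLAN. The SNAT address list, the transit subnet 10.10.105.192/29 and the function names `parse` and `audit` are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: only the two config lines quoted in the reply,
# laid out as they would appear in a running config.
SAMPLE_CONFIG = """\
ip route 10.10.10.104/29 Null
!
route-map NEXTHOP permit 10
 set ip next-hop 10.10.105.195 primary
"""


def parse(config):
    """Return (Null-routed networks, {route-map name: next-hop address})."""
    nets, hops, current = [], {}, None
    for line in config.splitlines():
        if line and not line[0].isspace():
            current = None  # any top-level line ends the previous route-map block
        words = line.split()
        if words[:2] == ["ip", "route"] and len(words) >= 4 \
                and words[3].lower().startswith("null"):
            nets.append(ipaddress.ip_network(words[2]))
        elif words[:1] == ["route-map"] and len(words) >= 2:
            current = words[1]
        elif words[:3] == ["set", "ip", "next-hop"] and current and len(words) >= 4:
            hops[current] = ipaddress.ip_address(words[3])
    return nets, hops


def audit(config, snat_addresses, transit_subnet, route_map):
    """List problems; an empty list means the snippet matches the design."""
    nets, hops = parse(config)
    problems = []
    for addr in map(ipaddress.ip_address, snat_addresses):
        if not any(addr in net for net in nets):
            problems.append(f"SNAT address {addr} has no Null static route")
    hop = hops.get(route_map)
    if hop is None:
        problems.append(f"route-map {route_map} sets no next-hop")
    elif hop not in ipaddress.ip_network(transit_subnet):
        problems.append(f"next-hop {hop} is outside transit VLAN {transit_subnet}")
    return problems


if __name__ == "__main__":
    # Assumed SNAT pool members and transit subnet (not given in the thread).
    snat_pool = ["10.10.10.104", "10.10.10.111", "10.10.10.112"]
    for problem in audit(SAMPLE_CONFIG, snat_pool, "10.10.105.192/29", "NEXTHOP"):
        print(problem)
```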