Paste P42709

CloudLB Codfw Example Conf

Authored by cmooney on Dec 14 2022, 4:08 PM.
# Router ID: must be an IP address unique to this system.
# A cloud-private address is used here, but the choice doesn't matter as long as it is unique.
router id 172.20.191.13;
# Device protocol: gives BIRD its view of the host's network interfaces.
protocol device {
    scan time 10;    # seconds between two scans of the interface list
}
# Prefix set of the service VIPs: every /32 inside 185.15.56.0/23
# ({32,32} pins the accepted prefix length to exactly 32, so the /23 itself
# and any shorter or intermediate prefixes do not match).
# This will catch all /32s in the range so should be ok to hard-code.
define LOOPBACK_VIPS = [ 185.15.56.0/23{32,32} ];
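# Import policy for the direct protocol: admit only the VIP /32s listed in
# LOOPBACK_VIPS into BIRD's table. Every other connected route (interface
# subnets, other addresses) is dropped.
filter DIRECT_IN {
    if net ~ LOOPBACK_VIPS then {
        accept;
    }
    # Explicit default-deny: the filter must always end with a verdict rather
    # than relying on what happens when execution falls off the end.
    reject;
}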
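# Export policy for the primary host: announce only routes that both come
# from the protocol instance named "DIRECT" and fall inside LOOPBACK_VIPS.
# The path is left untouched so this host is the preferred one.
filter CLOUD_OUT_PRI {
    if proto = "DIRECT" && net ~ LOOPBACK_VIPS then {
        accept;
    }
    # Explicit default-deny: nothing else (in particular routes learned from
    # the other BGP session) may be announced to the peers.
    reject;
}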
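# Export policy for the secondary host: same match as the primary policy
# (protocol instance "DIRECT" and a /32 inside LOOPBACK_VIPS), but the AS
# path is lengthened by three extra copies of 64712 so that the peers prefer
# the primary host's announcement while it is available.
# 64712 is the same value the BGP sessions in this file use as "local as";
# keep the two in step if the ASN ever changes.
filter CLOUD_OUT_SEC {
    if proto = "DIRECT" && net ~ LOOPBACK_VIPS then {
        bgp_path.prepend(64712);
        bgp_path.prepend(64712);
        bgp_path.prepend(64712);
        accept;
    }
    # Explicit default-deny: nothing else (in particular routes learned from
    # the other BGP session) may be announced to the peers.
    reject;
}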
# Direct protocol: turns addresses configured on local interfaces into routes.
# The instance name "DIRECT" is what the export filters match with proto = "DIRECT".
# NOTE(review): no "interface" pattern is given, so every interface is a
# candidate. Any /32 from LOOPBACK_VIPS that is configured on any interface
# will be announced, and nothing in this file ties the announcement to
# service health - confirm this is the intended trigger, or restrict the
# interface list to where the VIPs are meant to live.
protocol direct DIRECT {
    ipv4 {
        import filter DIRECT_IN;    # only VIP /32s enter BIRD's table
    };
}
# Kernel protocol: synchronises BIRD's table with the host's kernel routing table.
protocol kernel KERNEL {
    scan time 10;    # seconds between two scans of the kernel routing table
    # NOTE(review): "learn" asks BIRD to pick up routes that others put in the
    # kernel table, but "import none" below discards everything coming from
    # the kernel, so the option looks redundant here - confirm before removing.
    learn;
    ipv4 {
        import none;                      # nothing from the kernel table enters BIRD
        export where source = RTS_BGP;    # only BGP-learned routes are installed in the kernel
    };
}
# BFD: fast forwarding-path failure detection, used by the BGP sessions that set "bfd yes".
# NOTE(review): no BFD "authentication" is configured, so session state relies
# on the peering segment being trusted; enabling it needs matching support on
# the routers - confirm with netops.
protocol bfd BFD {
    interface "*" {          # same timers on every interface
        multiplier 3;        # missed-packet multiplier; with 300 ms this gives roughly 900 ms detection
        interval 300 ms;     # sets both the min rx and min tx interval
    };
}
# eBGP session to cr1-codfw.
# NOTE(review): no session protection is configured (BIRD offers "password"
# for TCP-MD5 and "ttl security" for GTSM). Both need matching configuration
# on the router side - confirm with netops whether they are required here.
protocol bgp CR1_CODFW {
    local as 64712;    ### Should be ok to hard-code, need to confirm ok to use within netops
    neighbor 172.20.191.2 as 14907 external;    ### IP is for cr1-codfw, ASN is for all CRs (in eqiad ASN is different for cloudsw)
    bfd yes;    # session liveness follows the BFD session to the neighbor
    ipv4 {
        # NOTE(review): "import all" takes every prefix the peer sends, and the
        # kernel protocol in this file installs all BGP-learned routes into the
        # kernel table. If only a small, known set (e.g. a default route) is
        # expected, an explicit import filter and/or "import limit" would bound
        # what a misconfigured peer can inject - confirm the expected prefixes.
        import all;
        export filter CLOUD_OUT_PRI;    ### This should be CLOUD_OUT_PRI or CLOUD_OUT_SEC depending on host's role
    };
}
# eBGP session to cr2-codfw; settings mirror the cr1-codfw session apart from the neighbor IP.
# NOTE(review): no session protection is configured (BIRD offers "password"
# for TCP-MD5 and "ttl security" for GTSM). Both need matching configuration
# on the router side - confirm with netops whether they are required here.
protocol bgp CR2_CODFW {
    local as 64712;
    neighbor 172.20.191.3 as 14907 external;    ### IP is for cr2-codfw, ASN is for all CRs (in eqiad ASN is different for cloudsw)
    bfd yes;    # session liveness follows the BFD session to the neighbor
    ipv4 {
        # NOTE(review): "import all" takes every prefix the peer sends, and the
        # kernel protocol in this file installs all BGP-learned routes into the
        # kernel table. If only a small, known set (e.g. a default route) is
        # expected, an explicit import filter and/or "import limit" would bound
        # what a misconfigured peer can inject - confirm the expected prefixes.
        import all;
        # Use CLOUD_OUT_PRI or CLOUD_OUT_SEC depending on this host's role;
        # keep it the same on both sessions of one host.
        export filter CLOUD_OUT_PRI;
    };
}
# If this is running in a separate netns, then we don't have another 2 "protocol bgp" defs for the prod realm (and specifics for WMF ranges etc.)