Page MenuHomePhabricator
Create Task
Maniphest T246721

BGP: Investigate isolating codfw and eqiad
Closed, ResolvedPublic
Actions

Description

Currently eqiad and codfw are sharing all their external routing:

  • inbound: both codfw and eqiad IP prefixes (one /23 each) are advertised from both sites (and eqord) as a single /22
  • outbound: both sites exchange their full views

Which mean that traffic toward codfw VIPs can enter our network via eqiad (and the other way around).
And traffic exiting a codfw can be router to eqiad before an external transit/peering (and the other way around).

My guess is that is has been configured like that in the past so bandwidth from both sites was being utilized.

However this might not be the best option anymore, the main issue being with traffic engineering.

When esams is depooled, eqiad links tend to saturate. For that reason the traffic team used a different DNS geo-maps file to redirect some US regions to codfw instead of eqiad. But with the current routing strategy, even if the traffic goes to codfw's VIPs, it can still enters through eqiad, potentially saturating links.

The other reason to change this, is so both sites are more independent, splitting the /22 into two /23s would make a miss-configuration less likely to impact both sites. Similarly, not exchanging full views would make routing simpler (similar to our other sites) and convergence faster.

Details

SubjectRepoBranchLines +/-
Shrink eqiad/eqord bgp_out to /23 and /48operations/homer/publicmaster+12 -16
Customize query in gerrit

Related Objects
Search...

StatusSubtypeAssignedTask
 ResolvedayounsiT246721 BGP: Investigate isolating codfw and eqiad
 ResolvedayounsiT235886 IRR updates needed

Event Timeline

ayounsi created this task.Mar 2 2020, 9:46 PM
Restricted Application added a project: SRE. · View Herald TranscriptMar 2 2020, 9:46 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
akosiaris triaged this task as Medium priority.Mar 5 2020, 8:49 AM
ema moved this task from Backlog to Network on the Traffic board.Mar 11 2020, 1:55 PM
CDanis subscribed.Mar 17 2020, 12:18 PM
ayounsi added a comment.Mar 25 2020, 10:15 AM

digging more into it, codfw already advertise its own /23 (and v6 /48).

ayounsi added a comment.EditedMar 26 2020, 11:21 AM

Next steps are:

  • Check ROAs - DONE
  • Advertise 208.80.154.0/23 (compete with CF) and 2620:0:861::/48 from eqiad/eqord
[edit routing-options aggregate]
     route 185.15.56.0/24 { ... }
+    route 208.80.154.0/23 policy BGP_aggregate_contributors;
[edit routing-options rib inet6.0 aggregate]
      route 2620:0:861:ed1a::/64 { ... }
+     route 2620:0:861::/48 policy BGP_aggregate_contributors;
[edit policy-options prefix-list bgp6-out]
+    2620:0:861::/48;

Note: 208.80.154.0/23 is already in bgp-out

  • Check that they are being advertised as expected (looking glass, RPKI status)
  • Cleanup 208.80.152.0/22 and 2620:0:860::/46
[edit routing-options rib inet6.0 aggregate]
-     route 2620:0:860::/46 policy BGP_aggregate_contributors;
[edit policy-options prefix-list bgp6-out]
-   2620:0:860::/46;
[edit routing-options aggregate]
-    route 208.80.152.0/22 policy BGP_aggregate_contributors;
[edit policy-options prefix-list bgp-out]
-    208.80.152.0/22;
  • In codfw/eqdfw set protocols bgp group Confed_eqiad export BGP_Wikimedia_no_dfz
  • In eqiad/eqord set protocols bgp group Confed_codfw export BGP_Wikimedia_no_dfz
  • Check that BGP prefixes are still being propagated between sites (eg. LVS VIPs)
  • Monitor traffic shift
gerritbot added a comment.Mar 26 2020, 11:34 AM

Change 583579 had a related patch set uploaded (by Ayounsi; owner: Ayounsi):
[operations/homer/public@master] Shrink eqiad/eqord bgp_out to /23 and /48

https://gerrit.wikimedia.org/r/583579

gerritbot added a project: Patch-For-Review.Mar 26 2020, 11:34 AM
Stashbot added a comment.Mar 26 2020, 3:40 PM

Mentioned in SAL (#wikimedia-operations) [2020-03-26T15:40:01Z] <XioNoX> start advertising 2620:0:861::/48 from eqiad - T246721

ayounsi added a comment.Mar 26 2020, 3:42 PM
  Prefix		  Nexthop	       MED     Lclpref    AS path
* 2620:0:860::/46         Self                                    I
* 2620:0:861::/48         Self                                    I

Advertised as expected.

Stashbot added a comment.Mar 26 2020, 3:49 PM

Mentioned in SAL (#wikimedia-operations) [2020-03-26T15:49:18Z] <XioNoX> start advertising 208.80.154.0/23 from eqiad - T246721

ayounsi added a comment.Mar 26 2020, 3:54 PM

Both v4 and v6 are seen as expected in LG:
https://stat.ripe.net/widget/looking-glass#w.resource=208.80.154.0/23
https://stat.ripe.net/widget/looking-glass#w.resource=2620:0:861::/48

Stashbot added a comment.Mar 26 2020, 4:12 PM

Mentioned in SAL (#wikimedia-operations) [2020-03-26T16:12:53Z] <XioNoX> stop advertising 2620:0:860::/46 from eqiad - T246721

Stashbot added a comment.Mar 26 2020, 4:18 PM

Mentioned in SAL (#wikimedia-operations) [2020-03-26T16:18:42Z] <XioNoX> stop advertising 208.80.152.0/22 from eqiad - T246721

gerritbot added a comment.Mar 26 2020, 4:31 PM

Change 583579 merged by jenkins-bot:
[operations/homer/public@master] Shrink eqiad/eqord bgp_out to /23 and /48

https://gerrit.wikimedia.org/r/583579

Stashbot added a comment.Mar 26 2020, 4:34 PM

Mentioned in SAL (#wikimedia-operations) [2020-03-26T16:34:11Z] <XioNoX> stop exchanging full BGP view between eqiad and codfw - T246721

ayounsi added a subtask: T235886: IRR updates needed.Mar 26 2020, 4:45 PM
ayounsi added a comment.Mar 26 2020, 4:49 PM

This is all done.
Last step is to update IRRs, tracked in T235886.

Maintenance_bot removed a project: Patch-For-Review.Mar 26 2020, 5:10 PM
ayounsi closed this task as Resolved.Mar 27 2020, 2:59 PM
ayounsi claimed this task.

Done.

ayounsi closed subtask T235886: IRR updates needed as Resolved.Apr 6 2020, 7:14 AM
Stashbot added a comment.Apr 14 2020, 9:37 AM

Mentioned in SAL (#wikimedia-operations) [2020-04-14T09:37:14Z] <XioNoX> cleanup 2620:0:860::/46 and 208.80.152.0/22 aggregates from cr1/2-codfw - T246721

Stashbot added a comment.Apr 14 2020, 9:47 AM

Mentioned in SAL (#wikimedia-operations) [2020-04-14T09:47:13Z] <XioNoX> cleanup 2620:0:860::/46 and 208.80.152.0/22 aggregates from cr2-eqord - T246721

Stashbot added a comment.Apr 14 2020, 9:48 AM

Mentioned in SAL (#wikimedia-operations) [2020-04-14T09:48:09Z] <XioNoX> cleanup 2620:0:860::/46 and 208.80.152.0/22 aggregates from cr2-eqdfw - T246721

ayounsi mentioned this in T259593: Make eqord its own AS.Aug 4 2020, 9:04 AM
BBlack moved this task from Network to Done on the Traffic board.Oct 8 2021, 6:00 PM
Restricted Application added a project: Infrastructure-Foundations. · View Herald TranscriptOct 8 2021, 6:00 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL