Enable IP sharing (elastic IPs) in Atlanta through FRR
The Atlanta data center was upgraded in April of 2021 to improve performance and expand product availability (see the Atlanta data center upgrades completed blog post). As part of this upgrade, the IP Sharing feature was impacted and no longer functions as it did before. Customers that currently use this feature can follow this guide to manually enable IP Sharing (also called Elastic IPs) through the open source FRRouting (FRR) tool. This allows two Compute Instances to share a single IP address, one serving as the primary and one serving as the secondary. If the primary Compute Instance becomes unavailable, the elastic IP will seamlessly failover to the secondary Compute Instance.
This guide discusses a temporary workaround specific to the Atlanta data center. Future planned network upgrades may impact this feature again and may require additional configuration.
Before you begin
-
Before beginning the process outlined in this guide, make sure that you have received an IPv4 address(es) from Support to use as your Elastic IP(s). To request an additional IPv4 address, open a new support ticket from Cloud Manager.
-
Ensure you have set the hostname and have updated the hosts file on your Compute Instances.
-
Ensure Python 3 is installed on your system. See FRR's official documentation to learn about FRR's Python dependencies.
-
Disable Network Helper on the Elastic IP Compute Instances and reboot them.
Install FRR
This section provides instructions for installing FRR on Debian, Ubuntu, and CentOS systems through their native package managers. If you're using a different distribution or prefer to install FRR from source, follow FRR's official installation instructions to install FRR using git.
Ubuntu and Debian
Supported distributions: Ubuntu 20.04, 18.04, and 16.04 | Debian 11, 10, and 9
-
Install the package dependencies needed to securely install FRR on your system:
sudo apt-get install apt-transport-https gnupg
-
Add FRR's GPG key:
curl -s https://deb.frrouting.org/frr/keys.asc | sudo apt-key add -
-
Set the FRR environment variable as
frr-stable
to install the latest FRR release. Specific releases can also be targeted by setting the variable tofrr-8
,frr-7
,frr-6
(see FRR Debian Repository for more details).FRRVER="frr-stable"
-
Add FRR's Debian repository to your system's source's list:
echo deb https://deb.frrouting.org/frr $(lsb_release -s -c) $FRRVER | sudo tee -a /etc/apt/sources.list.d/frr.list
-
Install the FRR package:
sudo apt update && sudo apt install frr frr-pythontools
CentOS/RHEL
Supported distributions: CentOS Stream 9 (and 8), CentOS 8 (and 7), other RHEL derivatives (including AlmaLinux 8, and Rocky Linux 8), and Fedora.
-
Set the FRR environment variable as
frr-stable
to install the latest FRR release. Specific releases can also be targeted by setting the variable tofrr-8
,frr-7
,frr-6
(see FRR RPM Repository for more details).FRRVER="frr-stable"
-
Download the FRR's RPM repository.
CentOS/RHEL 8
curl -O https://rpm.frrouting.org/repo/$FRRVER-repo-1-0.el8.noarch.rpm
CentOS/RHEL 7
curl -O https://rpm.frrouting.org/repo/$FRRVER-repo-1-0.el7.noarch.rpm
-
Install the repository.
sudo yum install ./$FRRVER*
-
Install the FRR package.
sudo yum install frr frr-pythontools
Enable bgpd
Enable the Border Gateway Protocol (BGP) daemon on your system.
-
Using a text editor of your choice, enable the
bgpd
daemon by updating its value toyes
in/etc/frr/daemons
(the FRR daemons configuration file):# The watchfrr and zebra daemons are always started. # bgpd=yes
-
Restart the FRR service:
sudo systemctl restart frr.service
Configure FRR
With FRR installed, you can now apply the required configurations to enable Elastic IP(s). When following the steps within this section, you need to have the following pieces of information:
- Elastic IP address (
[ELASTIC_IP]
): The elastic IP address assigned to your Compute Instance. If you do not yet have this, contact Support. - Hostname (
[HOSTNAME]
): The hostname defined on your Compute Instance (ex:atl-bgp-1.example.com
). - Gateway IP (
[DEFAULT_GW_IPV4]
: This is the Compute Instance's IPv4 address (non-Elastic IP address), which determines thepeer-group HOST
setting. Enter the first 3 octets of the Compute Instance's IPv4 address followed by a1
. For example, if the Compute Instance's IPv4 address is192.0.2.0
, the value to enter is192.0.2.1
. - Role (
[ROLE]
): The role of the Compute Instance's elastic IP address.primary
: All requests are routed to this Compute Instance's Elastic IP address, as long as the Compute Instance is running.secondary
: If theprimary
Compute Instance fails, all requests are routed to this Compute Instance's Elastic IP address, as long as the Compute Instance is running.
-
The template below includes the FRR configuration. Ensure you replace any instances of
[ELASTIC_IP]
,[HOSTNAME]
,[ROLE]
, and[DEFAULT_GW_IPV4]
as outlined above. Store the template with your replaced values somewhere that you can easily access later. In the next step, you copy the contents of the template and paste them into the VTY interactive shell.hostname [HOSTNAME] router bgp 65045 no bgp ebgp-requires-policy coalesce-time 1000 bgp bestpath as-path multipath-relax neighbor HOST peer-group neighbor HOST remote-as external neighbor HOST capability extended-nexthop neighbor [DEFAULT_GW_IPV4] peer-group HOST address-family ipv4 unicast network [ELASTIC_IP]/32 route-map [ROLE] redistribute static exit-address-family route-map primary permit 10 set large-community 63949:1:1 route-map secondary permit 10 set large-community 63949:1:2
-
Run the VTY shell:
sudo vtysh
-
Enter configuration mode:
conf t
-
Copy the contents of your template configuration file and paste them into the VTY shell.
-
Tell the VTY shell that you are done entering your configurations:
end
-
Write your configurations to VTY:
write
-
Verify that the configurations you entered were correctly written by showing VTY's running configuration:
show running-config
-
Exit out of the VTY shell:
q
-
Configure the Compute Instance's interface(s) with the Elastic IP:
Debian and Ubuntu (18.04 and 16.04)
Edit your Compute Instance's
/etc/network/interfaces
file with the following entries. Replace[ELASTIC_IP]
with the Elastic IPv4 address:up ip addr add [ELASTIC_IP]/32 dev eth0 label eth0 down ip addr del [ELASTIC_IP]/32 dev eth0 label eth0
If you configured more than one Elastic IP on your Compute Instance, you can add additional interface entries to your network interfaces configuration file as follows:
up ip addr add [ELASTIC_IP]/32 dev eth0 label eth0 down ip addr del [ELASTIC_IP]/32 dev eth0 label eth0 up ip addr add [ELASTIC_IP]_2/32 dev eth0 label eth0 down ip addr del [ELASTIC_IP]_2/32 dev eth0 label eth0
Ubuntu 20.04
Edit your Compute Instance's
/etc/systemd/network/05-eth0.network
file by adding anAddress
entry for the Elastic IP. Replace[ELASTIC_IP]
with the Elastic IPv4 address:[Match] Name=eth0 ... Address=[ELASTIC_IP]/32
If you configured more than one Elastic IP on your Compute Instance, you can add additional interface entries to your network interfaces configuration file as follows:
Address=[ELASTIC_IP]/32 Address=[ELASTIC_IP]_2/32
CentOS/RHEL
Edit your Compute Instance's
/etc/sysconfig/network-scripts/ifcfg-eth0
file with the following entry. Replace[ELASTIC_IP]
with the Elastic IPv4 address:IPADDR1=[ELASTIC_IP] PREFIX1="32"
If you configured more than one Elastic IP on your Compute Instance, you can add additional interface entries to your network interfaces configuration file as follows:
IPADDR1=[ELASTIC_IP] PREFIX1="32" IPADDR2=[ELASTIC_IP]_2 PREFIX2="32"
-
Apply the
eth0
network interface configuration:Debian, Ubuntu (18.04 and 16.04), and CentOS/RHEL
sudo ifdown eth0 && sudo ifup eth0
Ubuntu 20.04
systemctl restart systemd-networkd
-
Ensure that your network interface configurations have been applied as expected:
ip a | grep inet
You should see a similar output:
inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host inet 192.0.2.0/24 brd 192.0.2.255 scope global dynamic eth0 inet 203.0.113.0/32 scope global eth0 inet6 2600:3c04::f03c:92ff:fe7f:5774/64 scope global dynamic mngtmpaddr inet6 fe80::f03c:92ff:fe7f:5774/64 scope link
-
Restart the FRR service:
sudo systemctl restart frr.service
Test elastic IPs
Depending on how you configured your Compute Instance(s) and Elastic IP(s), testing steps may vary. In general, you can use the ping
command to test sending packets to your configured Elastic IP(s) from a separate Compute Instance, your workstation, or any other computer/server:
ping [ELASTIC_IP]
For example, if you have two Compute Instances configured with the same Elastic IP:
-
Ping the Elastic IP when both Compute Instances are up. The packets should be received by the primary Compute Instance. You can monitor ping traffic on the instance by inspecting icmp packets with the tcpdump command.
-
Shut down the primary Compute Instance and ping the Elastic IP. The packets should be received by the secondary instance. You can monitor ping traffic on the Compute Instance by inspecting icmp packets with the tcpdump command.
Updated 2 months ago